Businesses continue to rely on technology more and more as a means of making their goods and services more affordable, useful, and accessible. By consequence, these digital systems encompass large volumes of information – however, where does this information go? Who can access our information? How do we know this information will be secure, and not maliciously utilized?
Cyber-Emergency Preparedness under Maersk
When concerning cybersecurity, ignorance does not mean bliss. For example, Maersk demonstrated that they did not have a robust cybersecurity infrastructure in place to effectively detect the attack. During a cyber-attack in June 2017, employees first suspected danger once they saw disturbing, abnormal messages on their screens, with some different than the next. After almost two hours, the IT department effectively disconnected the company’s entire global network. This would be the first of many efforts by the IT department to demonstrate their cybersecurity capabilities.
All personnel were required to shut down their computers and phones, with some employees even sent home for the day. The hackers not only cut corporate productivity down to a sliver, but Maersk’s shipping terminals too were inoperative. In Elizabeth, New Jersey, vehicles were lined up for miles outside Maersk’s shipping terminal; since their gate shut down for the day, every customer was unable to get their cargo in and out of the gate.
Ultimately, Maersk was able to withstand the attack and remain in business. Their recovery strategy began strictly by chance – during the attack, one remote office in Ghana had a power outage. This allowed Ghana to retain an unaffected copy of the company’s server system map, which the company’s IT department used for an offline data backup. Had Ghana’s office been online during the attack, no offline data backup would exist. Most importantly, the company would have been completely shut down. Over the ten days immediately following the attack, the company’s IT department reinstalled 4,000 new servers, 45,000 new PCs, and 2,500 applications. Maerk’s chairman Jim Hagemann Snabe, who previously worked for the IT Industry, notes that the ten-day effort usually takes around six months.
“It is nearly impossible for any business, no matter how lucrative, to unsuspectingly face nine figures worth of damages without any fear of what the future might hold.”
NotPetya and their Impact to Global Technology
The term “warfare,” instead of conventional artillery, now encompasses both technology and the World Wide Web. A prominent example includes the battleground between Russia and the Ukraine. Russia’s cyber offense includes a group of agents (called Sandworm) that hacked into dozens of the Ukrainian government’s organizations and companies. During June 2017, Sandstorm released their most dangerous cyber weapon to date, known as NotPetya. Sandstorm effectively deployed this malware by identifying thousands of PCs around the country and the world that have M.E.Doc (an accounting software). Sandstorm entered a code that spread the NotPetya malware faster than any of its viral predecessors.
NotPetya indiscriminatingly wreaked havoc on machines across the world. Not only did Maersk feel the devastation, but also several multinational companies faced crippling destruction, including pharmaceutical giant Merck, FedEx’s European subsidiary TNT Express, and French construction company Saint-Gobain. While the average cost for a small business to recover from a cyber-attack amounts to $500,000, each of these multinational companies inflicted nine-figure costs to repair from NotPetya’s wrath.
It is nearly impossible for any business, no matter how lucrative, to unsuspectingly face nine figures worth of damages without any fear of what the future might hold. NotPetya will always be a nightmare-case scenario in the dimensions of cybersecurity. Think of the devastation felt across Europe during World War II, where “total war” strategies waged unrestrained warfare aimed at the total destruction of military and civilian populations. The majority of ports in Europe and many in Asia had been destroyed or badly damaged. Now, think of how the terms of military engagement have expanded to digital realms, and how said warfare could attack far beyond the intended target.
Don’t wait for a cyber criminal to attack. Contact Gigabit Systems today.
Technology, Cybersecurity and the Future
Technology is continuously changing the landscape of how we share our information, optimize or systems and processes, and in the most dangerous of cases, fight our battles. Our phones, tablets, and laptops, specifically the information we share on these devices, are more desired, and targeted from afar, discrete locations than any precedent. Individuals and businesses alike must be mindful of how technology makes our information not just valuable, but attainable.
We consider technology as a means to (in layman’s terms) make our lives easier, we hardly look up from our phones enough to consider the possibility that technology could make our lives more difficult. Although Maersk survived the NotPetya cyber-attack, the malware should serve as an example for businesses across the international community about the potential consequences of not having a sustainable cybersecurity system, as well as the essential necessity for regular offline data backups. The Maersk example provides context to how how total war tactics between two nations can threaten cybersecurity, and even jeopardize a multinational corporation’s bottom-line. Given this context, NotPetya should exist as both a warning and an international standard for all cybersecurity infrastructures to detect and dismantle.
Learn more about the latest in cyber security by subscribing to our blog;https://gigabitsys.com/news