Tuesday, June 22, 2021

Cyberattacks

 


Whenever anyone brings up the subject of too many annoying scam and robocalls, I always say the same thing.  “Gee whiz, if we cannot eliminate robocalls, what chance do we have solving the larger problems that face us?”  It just seems logical to me.  Sure, I understand that a lot of these calls originate from entities outside the US and software makes it easy for the perpetrators to set up such call systems and hard to stop them.  I am sure it is not easy to stop these thieves and charlatans, but I cannot believe we cannot eliminate these calls if we really wanted to.

Technology has made many aspects of our lives so much easier.  But, it clearly has a dark side too.  Cybercrime is real.  This has been the year of ransomware.  We have seen the Colonial Pipeline hacked, disrupting the flow of gasoline on the East Coast.  They paid $4 million to get back online and operating.  More recently, JBS, which is the world's largest meat packaging company by revenue, was hacked.  They paid $11 million to get back control of their business.  The revenue of Colonial Pipeline is $500 million and $51.2 billion for JBS.  While the ransom sums are millions, it was easier to pay than to try to fix the effects of the attack.

Ransomware is quite clever.  Once into the Enterprise Resource Planning System (ERPS) of their target, the hackers install the ransomware virus that basically encrypts or makes all the data of the company inaccessible.  Companies these days are so dependent on ERPs to handle practically every transaction in the business.  If the database is inaccessible, it is impossible to transact any business.  The victims gladly pay the ransom to get the key, basically a complicated password essentially impossible to duplicate, to get access to their data and hence regain control of their business.

You would think that the system could be erased and restored from a back-up.   To do that, a company would have to store their back-ups in a way that the ransomware attack cannot infect the backup system as well.  Thus, the backup system must be physically separate from the same system.  I imagine not everyone does this.  Even if they back up their systems properly, I imagine the ransomware criminals price the ransom at a level where paying the ransom is the cheapest alternative.

Before ERPs, business was conducted via paper transactions and inboxes and outboxes.  ERPs automated much of the paper-shuffling that was manpower intensive.  ERPs do it more efficiently with fewer people.  There is no going back.  Or is there?

While I have not given it a lot of thought, I have wondered why Colonial Pipeline was shut down until the ransom was paid and their systems restored.  Shouldn’t every business have back-up plans to run the businesses the old-fashioned paper-shuffling way when a ransomware attack or similar catastrophe occurs?  It seems logical, I just haven’t thought it through enough.   Operating at 70 or even 50% has to be better than being shut down for a week.

I am torn between two possibilities.  First, I wonder if we are taking these threats seriously enough.  On the other hand, I wonder if we have an Untouchables kind of cybersecurity force that has thwarted ten times the number of attacks than are ever reported.  I would hope that the latter is true but suspect that we have not been taking these threats seriously enough.  A June 5th article in The New York Times, “Are We Waiting for Everyone to Get Hacked?”, talked about how in 2012 then-Secretary of Defense Leon Panetta warned of a “Cyber Pearl Harbor.”  The article is a sobering and somewhat terrifying read.

I hope we heed Mr. Panetta’s warning before a disastrous attack happens.
