Cyberattacks are stronger and smarter every day. Protect yourself with the cloud.
Cyberattacks today are not just a matter for major multinationals; they’re hitting small and medium enterprises more and more often. So the question is not whether a company and its IT systems will be attacked, but when. How can you best prepare for this reality so you won’t be paralysed? Here is some inspiration along with recommendations from our customers’ real-world cases.
Companies are running their business using IT systems more than ever, and so a cyberattack can do major damage, on the order of hundreds of thousands of euros. The risk involved is that these attacks will limit or stop their deliveries of products and services, or shut down production – or the whole company. For smaller companies this can be fatal. And it’s not just about money, as it threatens the company’s good name and customer relationships and can weaken its competitiveness.
One of the most aggressive types of computer virus is the cryptovirus, and the cryptovirus-based malware called ransomware is coming to the fore. It encrypts your documents, photographs and other files. The hackers then unlock them only after receiving a fat stack of cash – most often in a cryptocurrency such as Bitcoin. But even this may be far from the end of it. The hackers may also demand no small sum in return for not handing the data to the competition.
The five shared traits of cyberattacks
Every recent hacking attack on information systems that we’ve handled for our customers has had some traits in common:
- The attacker had been on the victim’s network for quite some time.
- The attacker had the victim’s information systems mapped out perfectly.
- The attack struck flawlessly. It knocked out key systems and hit the data and system backups as well.
- The systems could not be quickly and fully brought back online.
- The attack itself took place unexpectedly at night, when it is difficult to react quickly.
Examples of attacks on logistics and manufacturing companies
We can illustrate the typical scenarios when hackers attack a company with two examples. The first is a logistics company, which was attacked on a Thursday night. The attack even hit a critical information system for managing deliveries to customers. The use of the system was blocked, and all their backups were encrypted. The customer turned to us asking for aid, and they had a stroke of luck. They were in the middle of upgrading their information system, and thanks to this we as a supplier had a month-old full backup of their system. At ten that night we received the first information on this incident, and we began taking our first steps to restore the system. A status analysis was followed by the tasks of planning their repair options, picking the best variant and finally preparing the new system.
The fastest option turned out to be bringing their entire IT infrastructure online in the AWS (Amazon) cloud, where, thanks to the existence of a backup, we were able to bring a testing version online as early as that Friday. On Saturday, the customer began an inventory of their warehouse and WIP. Despite the swift intervention and the restoration of their systems, the damage ran up into the hundreds of thousands of euros.
Rostislav Schwob, Supply Chain Solutions Director, Aimtec
Another company, this time in manufacturing, got into a difficult situation when it lost all access to its servers and applications after an attack. Its data was not backed up outside the network, and so even a partial restoration of its IT system took almost a whole week, and the company had to run at half steam. Full restoration of functionality in cases like these can take entire weeks or months.
What connects these two cases?
The fastest route to restoring the information system led through a cloud solution. Why is that the case? It’s because cloud service providers have all their infrastructure available to users in practically one click, plus access to as much system performance as they need. Robust cloud centres are also far better protected against such attacks than is typical at the local level.
How can you reduce the impacts of an attack and keep it from endangering your firm’s operations?
Here are some recommendations from industry practice:
- Maintain daily, regular backups stored outside your own network.
- Have backups at your software provider. When your system is attacked, they can quickly restore it.
- Shift the responsibility for solution security to your information system’s supplier, and run your system in the cloud.
If for any reason you cannot operate in the cloud, or you don’t want to pay hackers a ransom and then pray they’ll restore your system to full functionality, it will definitely pay off to focus on backups for all your key systems. Have backups that are sufficiently fresh, and above all stored in an impenetrable place. This is where we see a lot of room for improvement in most companies. Even outside of cybersecurity, during hardware accidents where the disk array broke down, we were unable to make use of the backup for restoring the customer’s systems. Something always failed.