In 2019, hackers infiltrated Texas local body government computer systems. They seized control, blocked access to vital data, and demanded a huge ransom. Is NZ vulnerable to similar attacks?.
The Texas government learned from the $10 million Baltimore disaster and paid out the $2.5 million ransom demand quickly, regained control, and patched the leak. But they didn’t learn their lesson and in 2020 was hacked again, using ransomware that invaded computers and encrypted files in the transportation department.
Closer to home, Australia has been facing increased cyber attacks from overseas. Malicious attacks from sophisticated entities targeted a range of Australian sectors, both private and government. This has resulted in increased controls and defenses against the attackers.
1. Why worry about cyber-attacks?
Cyber attacks are dangerous in a range of ways:
- Release of private, personal, or confidential information. This is a risk for all organizations- businesses having customer details shared, or sensitive financial information. For governments, the risk of almost anything going public is enormous.
- I am holding computer systems to hostage. This means no access to information, and the possibility of data being destroyed.
- Mis-use of computer systems. This is hugely worrying; traffic light controls, operating power plants, almost anything that can be controlled remotely can also be taken over and used maliciously.
- Loss of money. The goal for some hackers is income from extortion. Also, businesses may lose money- and trust- from their users.
These threats aren’t just from a hacker in a darkened bedroom somewhere either; business competitors, state threats, and organizations such as Anonymous all have various aims or goals.
2. Does this matter to you?
As an individual, a business owner, or citizen, this is a threat that you should be worried about. Not just for your data’s privacy, your business’s compliance with GRC and security, or to stay safe in an increasingly digital Tech world, but for the safety of your country.
While security affects your workplace, your ability to work securely from home, and the ramifications from that, there are also other much broader implications.
3. What is NZ doing about cybersecurity?
Eight years as Prime Minister, Sir John said his roles on the board of the cybersecurity company Palo Alto Networks & as the chairperson of ANZ Bank New Zealand, had given him insights into the escalating threats New Zealand businesses face.
“Individuals, companies, governments they play by the rules,” said Sir John, who spoke alongside Microsoft Managing Director, Vanessa Sorenson, at the launch of Umbrellar Connect.
Everyone, from individuals to the state, needs to keep their systems safe from cybercrime.
Individuals: Consider having a password system such as LastPass, which allows you to securely store passwords, create complex random passwords, and detect if passwords are too weak. This means your log-ins are far more secure and less likely to be hacked.
Have a tricky password for your Wi-Fi (not 12345678 or ‘password123’). Also, think about your IoT, and all digital-enabled items in your home need to be protected. A smart refrigerator was hacked in 2014 and used to send spam – all smart devices run this risk.
If you work from home and have secure access to your employer’s computer system, ensure you follow all best practices. Don’t log on in insecure connections, don’t share your password, and don’t leave your laptop unattended.
Businesses and governments: You need to invest time and money into your cybersecurity. Hire specialists that can help you pinpoint where your weaknesses are and then plug the gaps. As well as a robust system for passwords and staff, there are technical things to investigate, such as firewalls.
One of your most significant weaknesses is your staff- training them to identify cyber threats and manage them. McAfee estimates over 100 billion malicious scans each day and thousands of phishing and ransomware attacks. This is not IF, this is WHEN.
Regular system maintenance and keeping up to date with the latest threats is vital. Scammers and hackers move fast and will exploit all gaps in process, software, and hardware. While hiring professionals to manage this may seem expensive, they will find and security vulnerabilities.
The cost of not doing this should be losing everything.
Encrypting and backing up are an excellent means of defense. Backing up, off-site, securely, is not just a must in case of physical disaster where your business cannot access the location, but also a safety net in case systems are hacked. If you have a backup of everything, hackers refusing to obtain your order are less catastrophic.
Also, encrypting information, running things through VPNs, and multiple security layers make a hacker’s job much more difficult.
If cyber threats aren’t taken seriously, there could be some extremely unpleasant and unexpected consequences. All online systems are vulnerable, and keeping them safe should be a priority for businesses, individuals, and governments.
Finally, listen to what others say. Zoom suffered an embarrassing and challenging setback when a social media influencer hacker found several weaknesses in their software and then Tweeted about it.
This spawned a string of security incidents with an in-demand service at the global pandemic height when more companies were moving their operations online. Governments have also been warned in the past about possible security flaws, only for further breaches to be made.
Think about it now, before it is too late. If you’re unsure, ask Garmin, who was hacked in July 2020, and resulted in global outages, runners, and cyclists who can’t track their training and ongoing problems.