It Won't Happen To Us

Author: Colin Robbins

When talking to board members and senior executives of SMEs about cyber security, a common phrase we hear is “It won’t happen to us”.

This is justified by “We are not sufficiently important”, or “We don’t have anything they would want”.

“Well, it did”, Ian Major of The Sherwood Forest Trust reported at the East Midlands Cyber Security Conference 2020. His presentation began with an epic tale of a small SME with fewer than 10 employees, battling a ransomware attack beyond their means. He told us how unprepared they really were when the attack happened, and how devastating and demoralising it was to be stuck in the eye of a storm. Fortunately, they recovered from the attack, but there was a large element of luck.

But Ian is not alone.

M.E.Doc Software Hack

M.E.Doc is an SME run by Oleysa Lunnyk, supplying accounting software – similar to TurboTax or Quicken.

“We do quite basic and simple things. We help out accountants and we saw ourselves as quite distant from cyber security issues” is a quote attributed to Oleysa in Andy Greenberg’s book “Sandworm”. In 2017, their business was hacked.

The result of the hack? M.E.Doc computers pushed a malicious update to the tax software of their customers. Once in the wild, this malware spread like wildfire across the globe.

According to the Guardian, “the outbreak had shut down computers in more than 80 NHS organisations in England alone, resulting in almost 20,000 cancelled appointments, 600 GP surgeries having to return to pen and paper, and five hospitals simply diverting ambulances, unable to handle any more emergency cases”.

The Ripple Effect - Maersk

Shipping company Maersk had operations disrupted for over 2 weeks, reportedly costing them between $250 million and $300 million. The IT Administrator reportedly said “I saw a wave of screens turning black. Black, black, black. Black black black black black,” as all Maersk PCs were irreversibly locked.

The attack has been attributed to a team led by Sergey Morgachev based at 20 Komsomolsky Prospekt, Moscow. The address is that of the GRU, the Russian state intelligence agency. So although M.E.Doc is an SME, and a small cog to Sergey and his team, it was a perfect cog to release their cyber weapon on the world (the book “Sandworm” explores the motivation behind this).

So, you may be an SME, you may be a small cog, but do not underestimate your cyber impact in a globally connected supply chain. Oleysa reports on the impact on her business: “Seven years of reputation destroyed”!

Do you still think it will not happen to you?

How To Protect Your Business

The NCSC have put together a guide for small businesses on how to improve cyber security within your organisation. They have outlined 5 steps that you can take, which could save you time and money. These steps are:

  1. Backing up your data - every business should regularly back up its data to ensure that it can be restored.

  2. Protecting your business from malware - it is important to implement steps to prevent malware from damaging your organisation.

  3. Keeping your smartphones (and tablets) safe - as mobile phones are an important part of everyday business, it’s important to ensure they are protected from external threats.

  4. Using passwords to protect your data - a strong password is a free and effective way to prevent hackers from accessing your data.

  5. Avoiding phishing attacks - phishing attacks happen over email and can result in hackers accessing sensitive information. It is important to know the signs and report any suspected attacks.

For a more comprehensive understanding of cyber security for your business, you can undertake the Cyber Essentials certification. This is a valuable certification to have, as it reassures your clients or customers that you have the correct security measures in place to protect your business. You will also gain insight into the current level of your cyber security and identify areas for improvement.

Nexor can help you to put a strategy in place with our cyber security assessment service. Get in touch with our team today to ensure that your business is protected.

Originally posted on LinkedIn

About the author

Colin Robbins is a Principal Security Consultant, leading customer-funded research activities in secure interoperability and information exchange. He has specific technical interests in the Single Information Environment and Data Centric Security, as well as the processes of security, such as Secure by Design and Information Security Management Systems (ISMS). He is a Fellow of CIISec, and a former NCSC certified Security and Information Risk Adviser (Lead CCP).
