We’re only halfway through July, and it’s already been an expensive month!
The fine is roughly the cost of a 747 in the BA fleet, according to The Register, which also noted that BA was considering outsourcing its cybersecurity function at the time of the breach (https://www.theregister.co.uk/2018/09/07/ba_security_outsurcing_consultation_memo/), and offered this thought-provoking quote from “an infosec expert with experience in the aviation industry who told El Reg, ‘You don’t outsource something that is working well.’ The airline may have proposed outsourcing either because it is ‘struggling to get enough high-quality staff or because the board wanted to cut costs,’ we were told.”
Ransomware at the city level is becoming quite a trend, as cities historically have not been funded to adequately man, train, and equip cybersecurity staff. With the huge Atlanta event (costs now nearing $17m USD), Baltimore ($18m USD estimated), and recent cities in Florida (over $1.6m USD combined) in the news, it is time to think about cities, no matter their size. Resolving never to pay is all well and good until it happens to you; be proactive and prioritise security now (tested, offline backups above all) so that you are never forced to make that choice.
Axios asks the smart question: “When will companies stop prioritising features over privacy?” My guess would be when consumers make them pay for their mistakes. The larger issue here is not the fact that Zoom installed a local web server that let “any website [could] forcibly join a user to a Zoom call, with their video camera activated, without the user’s permission”, but that it was installed (and subsequently removed) in a very opaque manner: the server stayed behind even after the Zoom client itself was uninstalled, and its removal took a Zoom patch followed by a silent macOS update.
This malware appears to be related to Shamoon 2, which was used to attack Saudi energy companies in 2016 (https://unit42.paloaltonetworks.com/unit42-shamoon-2-return-disttrack-wiper/). While it may seem that nation-state level events can be largely ignored by industry, this is a dangerous assumption: we often see the tools or their variants turn up in the hands of criminal actors after their release. The practical defence against this malware is to fully patch your Microsoft Outlook software, since the delivery vector relies on an Outlook flaw for which a fix is already available, so we’ll wait for you here while you go make sure that’s done.
Now that you’re back, the Global Cybersecurity Index (GCI) rates each nation’s commitment to cyber security across five factors: (i) Legal Measures, (ii) Technical Measures, (iii) Organizational Measures, (iv) Capacity Building, and (v) Cooperation. The United Kingdom comes in at #1, with Australia at #11, lagging a bit behind in Technical Measures. While it’s interesting to see how national efforts rack and stack, apply these same five factors to your own organisation; how would you rate?