Details of What Happens After A Cyber Attack

Strangest WhatsApp Commercial

WhatsApp is the personal messages platform owned by Meta (formerly known as Facebook). It has 2 billion users and is known for end-to-end encryption. Interestingly, they launch a commercial about their end-to-end encryption, emphasizing it’s importance. And although it’s not a bad commercial, it takes a stab at their other messaging platform, Facebook Messenger. The plot of the commercial basically underlines that without end-to-end encryption, your messages can be read by anyone…which is true. It’s also true that their other product, Facebook Messenger, is not encrypted. It feels like a double-edged sword situation where it's leaving everyone a little confused. Here is the commercial. Let me know what you think.

A Detailed Outcome of a Cyber Attack

In 2020, the Scottish Environment Protection Agency (Sepa) had thousands of files stolen. After an audit, the full extent of the cyber attack is still unknown over one year later. They refused to pay the ransom so the hackers released the files on the internet.

Here are the shocking outcomes reported by the audits:

• “Someone opening a fake email from hackers is the most likely cause of the cyber attack, according to experts. This means there "may have been a degree of human error involved" in the suspected phishing attack, according to Audit Scotland.
• The majority of Sepa's data was either "encrypted, stolen or lost" and the "sophistication of the attack meant back-ups were corrupted".
• Sepa's latest financial strategy estimates a "budget gap" of £6m (best case scenario) and £17m (worst case scenario) by 2024. A "strategic change" programme will see 50 full-time equivalent jobs go as a result.
• As of March, 2021 the cyberattack is estimated to have cost £1.2m but the quango's management have not been able to "fully quantify" the full financial impact yet.
• Sepa has written off about £2m "that it will be unable to collect in fees due to loss of underlying records".”

My thoughts: I think this is one of the most detailed report we’ve seen in the news about a data breach. And this is closer to reality than what we normally see reported in the news. Side note: If you’re worried about backups being compromised or corrupted, look into our partner ExaGrid. They have a built-in technology to prevent that from happening.

Oil Terminals in Germany Might Pay Ransom To Avoid Chaos

On January 29, 2022, German oil terminals were the victim of a cyber attack that affected their IT systems. They were working at limited capacity and expect this to last up to 14 weeks. Not being able to meet contract needs, they had to declare force majeure for their supply activities in Germany.

"Given the potential fragility of the fuel supply chain -- as highlighted by recent shortages in the UK -- disruptive cyber attacks can cause widespread disruption for consumers and businesses," Huntsman Security Head of Product Management Piers Wilson said.

"With luck the attack on Oiltanking won't see widespread disruption in Germany, but it must be seen as a wake-up call to organizations that still are not 100% confident in their own and their partners' cyber defenses," Wilson said.

Unfortunately, they are thinking of paying the ransomware demands to avoid chaos. (SPG Global)

My thoughts: Critical infrastructures will 100% need to protect themselves this year, if they haven’t already. Cyber criminals see the importance of those industries and the potential impact an attack can have.

Did You Know Ransomware Negotiator is a Real Job?

I recently watched a video by Vice on YouTube. Kurtis Minder, the Ransomware Negotiator explains more about his job, what it’s like to be a victim of ransomware and how he deals with cyber criminals. One point I know I forgot is that when cyber criminals get into your network, they can potentially see how much money you have and base their ransom request off your financial statements. They can even base it the ransom request off your cyber insurance policy. These criminals are getting more sophisticated! Now that is leverage I did not consider they could have. Very interesting video. Highly recommend the watch. It’s only 8 minutes long.

Here’s A New Podcast To Listen To

I want to introduce you to one of my favorite podcasts – Cybersecurity Today. They have short daily episodes that are information and precise. There are 45 reviews on Apple Podcasts for an average of 4.8 stars. I want to highlight their recent episode with Ann Cavoukian, Executive Director at Global Privacy & Security by Design Centre. She talks about security by design and how prioritizing privacy is a competitive advantage that will help businesses grow. I definitely recommend listening to the 20 minute episode.  

‍

__________________________________

Access The Untold Stories of IT Professionals.

Assurance IT launched IT Spotlight - a weekly newsletter putting the spotlight on IT professionals. Get the inside scoop on their careers, their predictions in the industry and more. Once a week, every week, find out what other IT professionals are up to. Learn more here.

‍