Death taxes and hacking

August 31, 2021

The cost of doing business and the challenge of cyber crime

Benjamin Franklin (1706-90), the American writer, scientist, inventor, statesman and political philosopher, was the country’s first Ambassador to France. In a letter to French physicist, Jean-Baptiste Leroy in 1789, he wrote the now often cited line: “In this world nothing can be said to be certain, except death and taxes.”

Whilst it has held true for over 200 years, one wonders if he had been writing in 2021, if the line might have been: “In this world nothing can be said to be certain, except death, taxes and being hacked.”

It seems there is a certain inevitability to being hacked or suffering a ransomware incident, given recent statistics gathered from around the internet, detailing the global threat of cybercrime faced by organisations of every size, complexity and location:

  • 88% of organisations experienced spear phishing attempts in 2019.
  • 43% of cyberattacks target small businesses
  • 68% of business leaders feel their cybersecurity risks are increasing.
  • Data breaches exposed 36 billion records in the first half of 2020.
  • 86% of breaches were financially motivated
  • 45% of breaches featured hacking, 17% involved malware
  • Testers gain a level of access to 42% of new clients during external penetration testing
  • 95% of cybersecurity breaches are caused by human error.

The likelihood of an attack being successful, has even caused some security experts to recommend larger legal firms in the US to open cryptocurrency accounts and add to their investment when the market is low, in preparation for having to make a ransom payment in the near future.

This move might soon become irrelevant however, with growing calls, particularly in the US to make it illegal for victims to pay ransom demands to retrieve their data. Currently such a decision is a long way off, as such a move would see many businesses simply unable to recover and close. All of which shows the confusion surrounding the threat of attack, the best defence and likely outcomes.

What is the final line of defence against cyberattack?

Like so many problems, prevention is always better than the cure and the same is true for internal and external security of your organisation. Stopping people gaining access to your building is far easier and more cost-effective than trying to remove them forcibly, once they have run around your offices for a while.

There are an almost limitless number of products and solutions that will defend your network, systems, infrastructure, data and devices against cyberattack, preventing malware, viruses etc., from gaining a foothold.

But perhaps the most alarming point from the list above is that 95% of cybersecurity breaches were caused by human error. This may be through a technical error by a member of the in-house IT team, an individual fooled by a phishing email, or someone sharing data over insecure networks, but whatever the error, the consequences can be serious, expensive and hugely disruptive.

If the worst happens, your final line of defence is your backups. Hopefully you have followed the 3,2,1 rule – 3 copies of your data, on 2 different media (disk and tape) with 1 copy off-site for disaster recovery.

Now on-site backups left untouched by the cyberattack, can be used for a quick recovery, but remember, newer ransomware attacks now seek your backups to encrypt too – the criminals know if you have a solid backup and recovery plan, their attacks can be defeated.

The off-site backup is now more important than ever and an air gap should exist, to ensure a virus cannot jump from your infected system to this final, extremely valuable backup. Ideally, this backup will also be a recent immutable copy, so even if a virus with the help of slack systems or malicious actors can get at this backup, no changes can be made and the backup is unaffected.

How much risk are you prepared to accept?

Depending on how much data you need to back up and how much you can afford to lose, will largely set the cost of your backups. Taking a tape or hard-drive off-site every week is relatively cheap but risk a week’s worth of new data and real-time replication ensures you lose no data, but is expensive.

And within reason, your choice lies somewhere between those two extremes. So decide what amount of data you can afford to lose and still recover from a cyberattack, then get in touch, so we can talk you through the options you have. In the meantime, do not believe that just because you have an O365 account, Microsoft is taking care of everything. It’s not that simple.