In the aftermath of this major IT event, is there something everyone can take from this? What can we learn from Waikato DHB, and the pain they are still going through as they restore their systems and their services?
For Icon IT, there is one simple answer to this: people click on things they shouldn’t. They always have, and they always will. It’s one thing we highlight during our Phishing Education sessions; if there’s one weak link in your organisation’s IT security, it’s people.
We aren’t saying all people click on things they shouldn’t, but there’s another saying we have that can be highlighted here: it takes just one person to bring an entire organisation down. The ransomware attack on Waikato DHB is a case in point.
Waikato DHB’s current working hypothesis is that an email containing a link to ransomware brought down the hospital and all of its services. So one person changed everything, and put lives at risk. That, of course, is the worst-case scenario; not many organisations could put lives at risk if their IT systems went down or were infected with ransomware.
But the impact on your company could still be severe. Think of the impact if everything was inaccessible for days, or longer. Some companies (too many of them) have gone bankrupt as a result of incidents like this: they simply couldn’t get everything back to where it should be, and had to close their doors.
Don’t be that company.
Don’t give up hope – train your staff
There are a number of things you can do to help yourself avoid that situation. Number one is training your staff on what to look for in an email. Yes, Waikato DHB should have, and likely does have, excellent security in place around email and ransomware. But no mail filter catches everything, so there is always a chance that one message gets through, and that’s exactly what appears to have happened.
One dodgy email getting through is not an issue if the staff member who receives it doesn’t click the link or open the attachment. This is why we run a Phishing Education session, just 30 minutes long and targeted towards how to spot a phishing email, plus other basic IT security topics like passwords.
This phishing education session could save your company time, a lot of money, and your reputation.
Immutable Backups – use them if you can
Secondly, you need to know that you have backups of all your data safely locked away. Cloud storage from AWS (S3 Object Lock) and Microsoft Azure (immutable blob storage) can hold ‘immutable’ backups: once a backup object has been written, it cannot be altered or deleted until a retention period you choose has expired, and 7 days is a common starting point. Simply put, if your company is hit by ransomware, those backups are write-once, read-many (WORM), so the ransomware cannot encrypt or delete what is already there; in the strictest mode, not even stolen administrator credentials can shorten the retention. Two caveats: the retention window has to be longer than the time it would take you to notice an attack, and an immutable backup is only worth having if you have tested that you can restore from it.
If you are utilising either of these cloud services, we strongly encourage you to use immutable backups.
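To show what ‘immutable’ actually means in AWS terms, here is an added example (our illustration, not Icon IT’s own tooling or anything from Waikato DHB) that checks an S3 backup bucket’s Object Lock settings against a 7-day minimum. It works offline on configuration dicts constructed in the shape that boto3’s get_object_lock_configuration() returns; the bucket names, sample settings and the 7-day threshold are assumptions. Object Lock also requires versioning to be enabled on the bucket, which this check does not cover.

```python
# Added example (not Icon IT's code): audit an S3 backup bucket's Object Lock
# settings offline. The dicts below are constructed to match the shape boto3
# returns from s3.get_object_lock_configuration(Bucket=...). Bucket names,
# the 7-day minimum and the sample configs are assumptions for illustration.
from typing import Any, Dict, List


def desired_object_lock_config(days: int = 7) -> Dict[str, Any]:
    """The value to pass as ObjectLockConfiguration= to
    s3.put_object_lock_configuration(). COMPLIANCE mode means nobody,
    not even the account root user, can shorten the retention or delete
    a locked object version before the period expires."""
    return {
        "ObjectLockEnabled": "Enabled",
        "Rule": {"DefaultRetention": {"Mode": "COMPLIANCE", "Days": days}},
    }


def check_object_lock(config: Dict[str, Any], min_days: int = 7) -> List[str]:
    """Return findings for one bucket; an empty list means it passes.

    `config` is the dict returned by get_object_lock_configuration(). For a
    bucket with no lock at all boto3 raises ObjectLockConfigurationNotFoundError;
    pass {} to represent that case."""
    findings: List[str] = []
    olc = config.get("ObjectLockConfiguration") or {}
    if olc.get("ObjectLockEnabled") != "Enabled":
        return ["Object Lock is not enabled: backups can be deleted or overwritten"]

    retention = (olc.get("Rule") or {}).get("DefaultRetention") or {}
    if not retention:
        return ["Object Lock enabled but no default retention: new backups are "
                "unprotected unless each object sets its own retention"]

    mode = retention.get("Mode")
    if mode != "COMPLIANCE":
        findings.append(
            f"retention mode is {mode}: GOVERNANCE can be bypassed by any principal "
            "holding s3:BypassGovernanceRetention, so a stolen admin credential defeats it"
        )

    # AWS expresses default retention in Days or Years, never both.
    days = retention.get("Days")
    if days is None:
        days = 365 * retention.get("Years", 0)
    if days < min_days:
        findings.append(f"default retention is {days} day(s), below the {min_days}-day minimum")
    return findings


def audit_buckets(buckets: Dict[str, Dict[str, Any]], min_days: int = 7) -> Dict[str, List[str]]:
    """Run the check over a name -> config map; only failing buckets are returned."""
    report = {name: check_object_lock(cfg, min_days) for name, cfg in buckets.items()}
    return {name: f for name, f in report.items() if f}


# Constructed sample responses (hypothetical buckets, not real ones).
NO_LOCK: Dict[str, Any] = {}  # the "NotFound" case
GOVERNANCE_ONE_DAY = {
    "ObjectLockConfiguration": {
        "ObjectLockEnabled": "Enabled",
        "Rule": {"DefaultRetention": {"Mode": "GOVERNANCE", "Days": 1}},
    }
}
COMPLIANCE_SEVEN_DAYS = {"ObjectLockConfiguration": desired_object_lock_config(7)}

if __name__ == "__main__":
    failing = audit_buckets({
        "backups-old": NO_LOCK,            # weak: ordinary bucket
        "backups-gov": GOVERNANCE_ONE_DAY,  # weak: bypassable and too short
        "backups-worm": COMPLIANCE_SEVEN_DAYS,  # corrected setting
    })
    for name, findings in failing.items():
        print(name)
        for finding in findings:
            print("  -", finding)
```

The ‘corrected’ setting is simply the dict that desired_object_lock_config() returns; applying it for real is one boto3 call, s3.put_object_lock_configuration(Bucket=..., ObjectLockConfiguration=desired_object_lock_config(7)). Azure’s equivalent is a time-based retention policy on the blob container, and the same questions apply there: is it on, is it locked, and is the window long enough.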
Find out where you stand
This may also be the time to have an IT audit of your backups, or of your entire IT security and IT systems. Icon IT can do any or all of these for you; we know that often there simply isn’t time to do this yourself, and honestly, sometimes it’s better to have a fresh pair of eyes look at your systems.
We’re happy to have a chat with you and discuss, with no obligation.