{"id":769,"date":"2021-06-08T21:26:05","date_gmt":"2021-06-08T09:26:05","guid":{"rendered":"https:\/\/iconit.co.nz\/?p=769"},"modified":"2021-06-21T08:50:23","modified_gmt":"2021-06-20T20:50:23","slug":"what-can-we-learn-from-waikato-dhb","status":"publish","type":"post","link":"https:\/\/iconit.co.nz\/index.php\/2021\/06\/08\/what-can-we-learn-from-waikato-dhb\/","title":{"rendered":"What can we learn from Waikato DHB?"},"content":{"rendered":"\n

In the aftermath of this major IT event, is there something everyone can take from this? What can we learn from Waikato DHB, and the pain they are still going through as they restore their systems and their services?<\/p>\n\n\n\n

For Icon IT, there is one simple answer to this: people click on things they shouldn\u2019t. They always have, and they always will. It\u2019s one thing we highlight during our Phishing Education sessions<\/a>; if there\u2019s one weak link in your organisation\u2019s IT security, it\u2019s people.<\/p>\n\n\n\n

We aren\u2019t saying all<\/em> people click on things they shouldn\u2019t, but there\u2019s another saying we have that can be highlighted here: it takes just one person to bring an entire organisation down. The ransomware attack on Waikato DHB is proof of this.<\/p>\n\n\n\n

\"phish<\/a><\/figure><\/div>\n\n\n\n

Waikato DHB\u2019s current working hypothesis is that it was an email containing a link to ransomware that brought down the hospital, and all it\u2019s services. So that\u2019s one person who changed everything, and basically put lives at risk. That, of course, is the worst-case scenario. There aren\u2019t many organisations that could put lives at risk if their IT systems went down or were infected with ransomware.<\/p>\n\n\n\n

But the impact to your company could still be at a high level. Think of the impact if everything was inaccessible, for days \u2013 or longer. There are some companies (too many of them) that have gone bankrupt as a result of things like this. They simply couldn\u2019t get everything back to where it should be, and had to close their doors.<\/p>\n\n\n\n

Don\u2019t be that company.<\/p>\n\n\n\n

Don\u2019t give up hope \u2013 train your staff<\/strong><\/h2>\n\n\n\n

There are a number of things you can do to help yourself avoid that situation. Number one is training your staff on what to look for in an email. Yes, Waikato DHB should have – and likely does have \u2013 some excellent security in place around emails and ransomware. But there is always a chance that just that one could get through, and that\u2019s exactly what happened.<\/p>\n\n\n\n

\"phishing<\/a><\/figure><\/div>\n\n\n\n

One dodgy email getting through is not an issue if your staff member doesn\u2019t click on any links, either in the email or in an email attachment. This is why we run a Phishing Education session<\/a>, just 30 minutes long and targeted towards how to spot a phishing email, and other basic IT security topics like passwords.<\/p>\n\n\n\n

This phishing education session could save your company time, a lot of money, and your reputation.<\/p>\n\n\n\n

Immutable Backups – use them if you can<\/strong><\/h2>\n\n\n\n

Secondly, you need to know that you have backups of all your data safely locked away. Some cloud backup providers, like AWS and now Microsoft with its Azure product, offer \u2018immutable\u2019 backups<\/a>. This means that if your backups are stored with them, they can\u2019t be altered for a certain amount of time \u2013 generally 7 days \u2013 after the data was received. Simply put, it means that if your company was attacked with ransomware, those backups are set to read-only so cannot be encrypted by ransomware.<\/p>\n\n\n\n

If you are utilising either of these cloud services, we strongly encourage you to use immutable backups.<\/p>\n\n\n\n

Find out where you stand<\/strong><\/h2>\n\n\n\n

This may also be the time to have an IT audit<\/a> on your backups, or your entire IT security\/IT systems. Icon IT can do any or all of these for you; we know that often there simply isn\u2019t time to do this yourself, and honestly, sometimes it\u2019s better to get someone with a fresh pair of eyes to look at your systems.<\/p>\n\n\n\n

We\u2019re happy to have a chat with you and discuss, with no obligation.<\/p>\n\n\n\n

\n
\n

<\/p>

    <\/ul><\/div>\n
    \n
    \n\n\n\n\n\n\n\n<\/div>\n