It seems like it should always be cyber awareness month as it is truly a year-round concern. Kind of like Valentines Day is supposed to highlight love for a significant other, but you should be loving them every day!
No type of company is safe. They all have targets on their backs. Big? Great, it’s a challenge and you have lots of things criminals want (things to steal with value on the black market, money to spend). Small? Great, you don’t spend money on cybersecurity so it’s like taking candy from a baby. Let’s examine the ways in which they will mess with a business owner’s ability to do business.
Starting small, ransomware attacks generally go off a denial of service (DoS), where it does what it says: denies you access to something you need to operate so you can’t effectively serve your clients. The cost? Time and money. Even if you and your company are not the direct target of a DoS attack, you can still be impacted. This is common when the internet service provider (ISP) is attacked. If it doesn’t work, none of the computers on that network will have internet access.
There are a few ways to help protect and defend against a DoS attack, one of them being a disaster recovery plan! Disaster recovery is a specialized part of a business continuity plan! DR helps with keeping massive amount of data up to date and backed up across a variety of devices. Cloud computing is a way to farm out doing DR since you trust the vendor has the DR under control, but, as mentioned already, if that source is attacked, then your business is indirectly attacked. You should still do your own backup.
MGM Grand – ransomware is both a DoS attack and, for the smart alecks that can get around the DoS, it is holding valuable information hostage, the release of which will cause a lot of damage to the reputation of the company (and potentially their bank accounts). The hospitality industry holds a great deal of information about their guests – names, addresses, birthdays, credit card, passport information – not just from registration but also from rewards programs. And almost everything in a fancy casino hotel is digital, from the rooms to the gaming floor! Doors, lights, phones, apps, gaming machines...you name it. The rewards app still isn’t fully functional almost a month later.
Think of the millions each day MGM takes in across all their properties (it is estimated to be $8M alone in lodging). That is why they invest in cybersecurity. However, that potential value loss from downtime is exactly why they are a target: the harder hit they are, they more likely they will pay (the hackers assume, anyway).
So how did the cyber criminals get access to the MGM Grand system since they do invest a lot of money in cybersecurity? A 10-minute phishing phone call to the IT department, pretending to be an employee, whose information they got off LinkedIn. You’re only as strong as your weakest link and human emotion is a very weak link.
MGM complied with the new SEC requirement to disclose any material cyber event as soon as it is determined the event is material. For this incident, they complied on the 3rd day because it was clearly material. Good for them! Their stock price did take a massive hit, though.
As a business-smaller-than-MGM, how do you know an attack is happening? Slowed service is one way. An inability to access websites is another.
What can you do? At this point, help confirm your suspicions by calling the IT department or your ISP and ask if they are testing or doing maintenance on the network or if there is an outage. Detection is usually the hardest part. If it is through a vendor, ask them what to do – they should be able to set expectations and inform you about the event. If it’s in-house, that answer depends on how much you’ve invested in BC and DR…
Comments