When we take a look at the WannaCry ransomware attack, it hit more than 200,000 computers in 150 countries. Cyence researchers estimate that the business interruption costs to companies will add up to over $8 billion; while the payout was estimated at about $74,184 (according to the bitcoin wallets being monitored). These numbers show the monetary consequences a ransomware attack can have on an organization, but what about the business disruption it can cause?
Three days after the attack, NHS hospitals were still struggling due to their computer systems being locked down. Furthermore, previously unaffected hospitals revealed to have fallen to WannaCry ransomware as well. The ransomware affected those organizations using Windows XP and other unsupported Microsoft operating systems. A total of 61 NHS organizations (ranging from hospitals to GP surgeries) were affected by WannaCry; and in addition to lockdown from their systems, hospitals had to cancel patient appointments until their services were back up to normal levels of operations.
Article after article discussed the ways organizations could prevent and prepare for a ransomware attack. These security tips included: patching, replacing outdated operating systems, practicing safe email use by doing things like not clicking on links from suspicious emails and deleting those emails; but very few of these articles talked about business continuity planning.
Since everything that is run on a system is digital data and functions on a network, part of an effective security approach (to any type of cyberattack) must include a business continuity plan. Even though the security industry tends to treat business continuity as separate to cybersecurity, this is not the case; the two go hand in hand because if cyberattack takes place, a business continuity plan can ensure disruption is reduced to a minimum.
A business continuity plan includes establishing regular back-ups of data, on and offline, so that even though organizations are locked out of their system they can still access that data. Additionally, a good business continuity plan will also ensure everyone in the organization knows what to do in order to reduce access to sensitive data once the network and system have been compromised. For example, disabling the use of network file-sharing and ensuring two-factor authentication is in place for all external access to the system. A business continuity plan also establishes a disaster recovery strategy for other types of uncontrolled disasters such as a hurricane.
Being able to continue operations following a ransomware attack like WannaCry is important especially when you run a business like a hospital; but the reality is that business continuity planning can also help you with breaches and/or natural disasters. The sooner organizations establish a business continuity plan that is regularly reviewed and exercised by the organization at large, the better are their chances of reducing down-time for business operations. This is good for the organization’s sake, and also for customers. For hospitals and energy providers this means saving lives.
Photo courtesy of watcharakun