Crippling cyberattack shows businesses’ vulnerability

Standby Consulting Ltd managing director Sam Mulholland believes small businesses do not realise...
Standby Consulting Ltd managing director Sam Mulholland believes small businesses do not realise how big an impact cyberattacks can have. PHOTO: GREGOR RICHARDSON
A South Island business which paid a ransom after being crippled by a cyberattack has prompted a warning for companies to take the threat seriously.

The business, which the Otago Daily Times has agreed not to name for security reasons, was the target of an attack for two weeks in September.

The attack took out its computer systems, telephone and commercial data.

The business ended up paying the hacker’s ransom to restore its system.

The business’ initial review suggested the attack was an extraordinary case of bad luck. It was caught up as collateral damage through another New Zealand company’s internet address, that was associated with the Dunedin company’s IT services, the owner said.

It seemed the highly sophisticated nature of its IT system exposed the company to greater risks, which resulted in it becoming the target of a professional offshore hacking group.

The attack had been an ‘‘excellent learning opportunity’’ for the business and it wanted to help others learn from their experience, the business spokesman said.

The company did not reveal how much it paid the cyberattackers.

Standby Consulting managing director Sam Mulholland said the attack served as a reminder for businesses to take cybersecurity seriously as attacks could ‘‘literally ruin’’ their company.

Mr Mulholland spoke at a Business South event this week about business continuity planning especially in the age of cyberattacks.

He has worked with companies in New Zealand and the Middle East, creating plans for when things went wrong.

‘‘The No8 wire mentally of ‘She’ll be right’ just doesn’t work anymore.’’

Speaking after the event, Mr Mulholland said cyberattacks were a major threat to businesses.

Mr Mulholland said he believed small businesses overall were not taking the threat seriously enough and did not have plans in place for if it happened.

‘‘It is not just the big corporates, the hackers are after anything that they can get their hands on.’’

The cyberattack that crippled the Waikato District Health Board in May should be used as an example of how bad an attack could be.

A continuity plan allowed businesses to know what to do with staff, media, assets and even the company’s brand when an attack happened.

Clear communication with stakeholders was also key, Mr Mulholland said.

Cyberattacks used to be conducted by specific groups, but now it was conducted by ‘‘software as a service’’, which meant anyone could buy ransomware that kept working until it found a link into a businesses’ servers.

A police spokesman said it generally did not recommend paying any ransom demands, despite the temptation to do so.

‘‘Paying ransoms incentives criminal groups to continue to target New Zealand victims,’’ they said.

Police asked people affected by a cyber crime to report them.

riley.kennedy@odt.co.nz

 

 

Sponsored Content

drivesouth-pow-generic-1_0.png

 

suv-updated-banner_0.jpg

 

 

Advertisement

postanote_header_620_x_80.png

postanote_620_x_25.jpg

Local trusted journalism matters - now more than ever

As the Covid-19 pandemic brings the world into uncharted waters, Star Media journalists and photographers continue to report local stories that matter everyday - yours.

For more than 152 years our journalists have provided Cantabrians with local news that can be trusted. It’s more important now than ever to keep Cantabrians connected.

As our advertising has fallen during the pandemic, support from you our reader is crucial.

You can help us continue to provide local news you can trust simply by becoming a supporter.

Become a Supporter