Tackling NZ cybercrime in 2017: Why recovery is just as important as prevention
Cybercrime is nothing new. Every year, businesses across New Zealand are hit by some sort of virtual attack. Although Microsoft's Malware Infection Index 2016 ranked New Zealand 18 out of 19 Asia Pacific markets, the idea that businesses are safe is wrong. According to Keshav Dhakad, head of Digital Crimes Unit at Microsoft, the "Internet has no boundaries" and every business, including those in New Zealand, are vulnerable.
In fact, a recent story on CIO highlighted just how sophisticated the world of cybercrime is becoming. With big money to be made from hacking into a company's database and stealing sensitive information, scammers are now attempting to dupe the hackers. Selling everything from fake databases to made-up credit card information, scammers are posing as legitimate hackers in an attempt to make money from those in the virtual underworld.
Hacking is Becoming a Complex Industry
In response to the recent surge in scammers, a new database called Ripper.cc has been set up. The idea behind it is to store a list of known scammers so that cybercriminals can avoid them in the future. Aside from Ripper.cc giving cybercriminals a better insight into the rats in their own community, the site is evidence of how hacking is now an industry and not a pastime. If that's the case, businesses need to be even more vigilant.
Naturally, everything from web application firewalls, passwords and levels of access should all be a standard for any business with an online presence. However, what if it all goes wrong? What if a hacker does manage to break through your defences and access your company's sensitive data? According to data security company Incapsula, a disaster recovery plan (DRP) is not only essential for responding to these situations, but for helping to prevent them.
Learning How to Recover is Crucial
As defined by Incapsula, DRP is the process of responding to a disaster scenario in such a way that it supports "time-sensitive business processes and functions" and maintains "full business continuity." From a preventative perspective, a DRP gives businesses a clear idea of what risks it can face in the virtual world. Indeed, before defining what steps need to happen in order to recover from a disaster, a company first needs to know what potential disasters are out there.
Once your system is compromised and in a "disaster" state, the strategy you then use will be dependent on whether you're concerned about how long your service is offline (Recovery Time Objective - RTO) or how old data is handled once you're back online (Recovery Point Objective - RPO). Naturally, cost and practicality will affect a company’s DRP. For example, a "hot-hot" system using synchronous replication will ensure that a system is 100% synchronised at all times. This means that in the event of an attack, a parallel system kicks in so that your service stays online.
Small Businesses Can Also Afford a Recovery Plan
However, this method is resource intensive and, therefore, something that smaller businesses may not be able to afford. As an alternative, semi-synchronous replication will only kick in once a series of changes have been detected. If a company can afford some loss of data or downtime, this sort of system can be effective as it gives them just enough breathing space to recover and get back online without being too costly.
Whichever way you look at it, cyber security is essential for New Zealand businesses and a DRP is an important part of a complete strategy. Indeed, with The Herald reporting that cyber-attacks have more than doubled over the last five years, businesses across the country can't afford to take any risks. Although DRPs might seem like something only the biggest companies need to worry about, it's worth remembering that data from any source can be valuable for a hacker.