Story image

Tackling NZ cybercrime in 2017: Why recovery is just as important as prevention

10 Feb 17

Cybercrime is nothing new. Every year, businesses across New Zealand are hit by some sort of virtual attack. Although Microsoft's Malware Infection Index 2016 ranked New Zealand 18 out of 19 Asia Pacific markets, the idea that businesses are safe is wrong. According to Keshav Dhakad, head of Digital Crimes Unit at Microsoft, the "Internet has no boundaries" and every business, including those in New Zealand, are vulnerable.

In fact, a recent story on CIO highlighted just how sophisticated the world of cybercrime is becoming. With big money to be made from hacking into a company's database and stealing sensitive information, scammers are now attempting to dupe the hackers. Selling everything from fake databases to made-up credit card information, scammers are posing as legitimate hackers in an attempt to make money from those in the virtual underworld.

Hacking is Becoming a Complex Industry

In response to the recent surge in scammers, a new database called has been set up. The idea behind it is to store a list of known scammers so that cybercriminals can avoid them in the future. Aside from giving cybercriminals a better insight into the rats in their own community, the site is evidence of how hacking is now an industry and not a pastime. If that's the case, businesses need to be even more vigilant.

Naturally, everything from web application firewalls, passwords and levels of access should all be a standard for any business with an online presence. However, what if it all goes wrong? What if a hacker does manage to break through your defences and access your company's sensitive data? According to data security company Incapsula, a disaster recovery plan (DRP) is not only essential for responding to these situations, but for helping to prevent them.

Learning How to Recover is Crucial

As defined by Incapsula, DRP is the process of responding to a disaster scenario in such a way that it supports "time-sensitive business processes and functions" and maintains "full business continuity." From a preventative perspective, a DRP gives businesses a clear idea of what risks it can face in the virtual world. Indeed, before defining what steps need to happen in order to recover from a disaster, a company first needs to know what potential disasters are out there.

Once your system is compromised and in a "disaster" state, the strategy you then use will be dependent on whether you're concerned about how long your service is offline (Recovery Time Objective - RTO) or how old data is handled once you're back online (Recovery Point Objective - RPO). Naturally, cost and practicality will affect a company’s DRP. For example, a "hot-hot" system using synchronous replication will ensure that a system is 100% synchronised at all times. This means that in the event of an attack, a parallel system kicks in so that your service stays online.

Small Businesses Can Also Afford a Recovery Plan

However, this method is resource intensive and, therefore, something that smaller businesses may not be able to afford. As an alternative, semi-synchronous replication will only kick in once a series of changes have been detected. If a company can afford some loss of data or downtime, this sort of system can be effective as it gives them just enough breathing space to recover and get back online without being too costly.

Whichever way you look at it, cyber security is essential for New Zealand businesses and a DRP is an important part of a complete strategy. Indeed, with The Herald reporting that cyber-attacks have more than doubled over the last five years, businesses across the country can't afford to take any risks. Although DRPs might seem like something only the biggest companies need to worry about, it's worth remembering that data from any source can be valuable for a hacker.

IDC: Smartphone shipments ready to stabilise in 2019
IDC expects year-over-year shipment growth of 2.6% in 2019, while the world's largest market is still forecast to be down 8.8% in 2018.
52mil users affected by Google+’s second data breach
Google+ APIs will be shut down within the next 90 days, and the consumer platform will be disabled in April 2019 instead of August 2019 as originally planned.
New app conducts background checks on potential tenants
Landlords and house owners need to obtain a tenant’s full name, date of birth, email address, and mobile number in order to conduct the search. And most importantly, they have to get the tenant’s permission first.
GirlBoss wins 2018 YES Emerging Alumni of the Year Award
The people have spoken – GirlBoss CEO and founder Alexia Hilbertidou has been crowned this year’s Young Enterprise Scheme (YES) Emerging Alumni of the Year.
IDC: Standalone VR headset shipments grow 428.6% in 3Q18
The VR headset market returned to growth in 3Q18 after four consecutive quarters of decline and now makes up 97% of the combined market.
Meet Rentbot, the chatbot that can help with tenancy law
If you find yourself in a tricky situation  - or if you just want to understand your rights as a landlord or tenant, you can now turn to a chatbot for help.
PlayerUnknown’s Battlegrounds (PUBG) finally releases on PS4
PUBG on PS4 feels like it’s still in Early Access as the graphics look horribly outdated and the game runs poorly too. 
How AI can fundamentally change the business landscape
“This is an extremely interesting if not pivotal time to discuss how AI is being deployed and leveraged, both in business and at home.”