Buckle Up, It’s Going to be a Wild Cyber Ride!

Breathing a sigh of relief that the WannaCry ransomware attack didn’t hit your organization?  Thinking you’ve dodged that bullet?  Well, think again!  If trends are any indication, and they typically are, I think it’s going to get a lot bumpier.  Below are some incidents that lead me to to this conclusion.  So, buckle up and hold on tight!

January 2015Largest Single Healthcare Breach - Anthem Insurance breach affecting over 80 million people.  Investigations point to state sponsored cyber-theft by China.  Anthem is a major insurer of U.S. Government employees.

February 2016 - Ransomware Attacks Hospital - Hollywood Presbyterian Medical Center hit by ransomware and all their computers were disabled. Patients were transferred to other hospitals and staff had to revert to paper to continue providing care to the remaining patients.   A series of hospitals were then successfully targeted.  Ransomware use has soared since.

October 2016 - Successful Attack of Internet Infrastructure - Distributed Denial of Service (DDOS) attack on Dyn, an internet infrastructure company severely disrupted the East Coast shutting down PayPal, Twitter, Netflix, and many other companies. First Major Cyber Attack using IoT Devices - Hundreds of thousands of IoT (Internet of Things) devices like webcams, thermostats, video reorders, etc. were redirected to message the Dyn facility and overload it.

April 2017 - NSA Hacking Tools Released - Shadow Brokers leak NSA's hacking arsenal providing cyber criminals more sophisticated and effective ways to access IT systems and steal data.

May 2017Global Ransomware Attack - WannaCry ransomware unleashed a global assault not seen before, that spread across 200 countries in just a few short days. An estimated 300,000 systems infected worldwide and in England, 48 hospitals were crippledfrom the attack.  WannaCry also infected a range of medical devices that shook manufacturers like Siemens and Bayer. WannaCry leveraged vulnerabilities identified from the NSA leaks. The finger is being pointed at North Korea.

What does this list of cyber incidents foreshadow for the future?  Well, the hackers are more sophisticated and capable, being able to breach strong defenses and shut down infrastructure.  They can hack sophisticated systems or "simple" IoT devices to gain their goals.  Clearly, ransomware is the weapon of choice and will be for the foreseeable future.  It puts cash in their pockets faster, with less effort.  Our list of vulnerabilities seems to be multiplying and we are up against a wide range of threats; lone-wolf hackers, organized crime, and nation-state actors, all of which can cripple your business or even destroy it.  It feels like IT terrorism!

What can you do to protect your organization?  Partner with a reputable organization who can identify your vulnerabilities and bring transparency to your IT security.  Help put processes in place to maintain and strengthen security without overburdening your organization.

Contact Third Rock for additional information at:  info@thirdrock.com.  We can help!

Ed Jones, PMP, CHSP
About the Author

Over 30 years of customer facing experience managing projects in healthcare, IT, process automation in a variety of tech industries, Ed has worked for start-ups to Fortune 100 companies. He has performed numerous complex and extensive risk assessments, and developed and managed the corresponding risk management strategies.

%d bloggers like this: