Connect with us

Featured

Five steps for companies to respond to cyber attacks

Published

on

A dreaded issues an IT team has to deal with is that of ransomeware. However, PETER ALEXANDER, CMO, Check Point, offers five tips on how to avoid it.

It’s the call that IT teams dread:  an employee is reporting that their PC screen is flashing red, with a message telling them that their files are encrypted and that they need to pay a ransom to get them unscrambled.  What should they do next?

The actions that the organisation takes over the next few minutes, and hours, will be critical in determining just how big – or small – an impact the cyberattack will have.   What’s more, a cyberattack does not only negatively impact the company’s physical IT systems:  it also causes stress and puts employees under pressure too.

A recent paper from the University of Haifa found that cyberattacks have a strong psychological impact on all staff, increasing their levels of anxiety, stress and panic – which can then lead to mistakes being made, and in turn further damage.

So how should organisations go about eliminating these human, panicky and emotional reactions to cyber incidents, and develop a more coordinated, conditioned response?

Training is never in vain

A key example is the rigorous training that airline pilots are given in dealing with unexpected events:  they are provided with extensive checklists and procedures that cover virtually every eventuality, from running out of fuel, to engine failure, to structural damage.  And those procedures are practiced again and again, both in simulators and in flight conditions, so that in a real-time emergency situation, their response becomes an automatic reflex action.  The result is that when an incident happens, the first thing the pilot and co-pilot will do is turn off the warning alarm, so that they can think clearly and start running through the appropriate checklist.

Enterprises need to undertake similar, rigorous planning to help them respond quickly and accurately to breaches or attacks.  They should prepare an incident response (IR) plan, and assemble an IR team that includes all relevant internal stakeholders – such as IT and security specialists, HR and PR teams, plus in some cases, specialist external resources.   Also, preparation alone isn’t enough:  the execution of the plan needs to be practiced, through realistic training drills.

To help organisations develop faster, more effective responses, here are five key steps that they should follow, whether in a training exercise or in the wake of a genuine incident.

  1. Recognize the incident is happening

The critical first step is for staff to take the attack seriously and move swiftly, but without panic.  Think of the ideal response to a fire alarm in an office building:  everyone should immediately stop what they are doing and make their way to the exits without pausing to gather their possessions or empty their desks.   A cyber incident should be granted the same instant attention and focus.  As soon as it is identified, all staff need to be alerted, smoothly and efficiently, and given clear, calm instructions as to what to do next, whether that is simply stepping away from their desks, or shutting down their PCs or devices.

  1. Gather the resources you need

This means mobilizing the security tools and technology, as well as the trained staff which make up your organization’s security infrastructure, and getting them to focus on mitigating the incident.  Clearly, not all staff will need to be involved in this stage, so it’s all about pulling together the right experience and expertise – fast.  Your IR plan should set out which personnel need to be involved, and if any external security resources are to be used.

Of course, assembling the combination of tools and talent isn’t cheap.  But the investment and time required to build effective defenses is dwarfed by the real-world costs of cyberattacks, in terms of remediation of immediate damage and subsequent fallout.  The NotPetya ransomware attack of summer 2017 was estimated to have cost global logistics firm FedEx $300M in lost revenue and clean-up costs, and pharmaceutical giant Merck & Co stated that NotPetya cost it around $135M.  So with companies on average experiencing two cyberattacks per week which breach their defenses, it’s clear that it’s far better to invest in preventing attacks, than to pay the far higher costs for a cure after the fact.

  1. Execute your IR plan

This is the active stage, in which you should work through your IR plan step by step to determine what the nature of the attack is, how it breached your defenses, how it can be isolated, and how the damage can be remediated.  For organisations that do not have an IR plan to hand, it may be best to call in external specialist help at this stage:  but for the future, here’s a checklist of what the plan should include, and important do’s and don’ts to follow when preparing a plan for your organisation.

  1. Communicate

Too often, organisations stop at stage three. But communication regarding the attack is vital – not only to all your internal stakeholders and employees, but also where necessary to external stakeholders such as partners, customers and investors. This is becoming a regulatory requirement.  All stakeholders, both inside and outside your organisation, need to understand what has happened and what the implications are for them – in language pitched at their level of technical understanding.

This is a specialist stage, which should be left in the hands of your communications team.  The recent revelations about Uber’s 2016 cyberbreach and the subsequent cover-up are a lesson in how not to communicate – and the consequences that might follow.

  1. Learn

Once again, this is a truly crucial element of IR that is too often neglected.  Every cyberattack should generate serious lessons for the organisation in question. After an attack active steps should be taken to repair the vulnerability, modify and improve the exploited process, retrain any staff that may have made a mistake, and put in place, or update the existing IR plan.  Inability to learn from and take steps to improve cyber protection after suffering an attack leaves the organisation vulnerable to a similar attack occurring again.

In conclusion

Effective incident response is about training and practice.  Developing an IR plan and keeping it updated involves work and investment – but during a cyberattack, that investment will pay dividends.  Whether you decide to handle your IR internally or draw on external expertise, it’s important to make a plan now, and test it against possible attack scenarios.  This will help to eliminate panic during an attack, limit the damage and fall-out from the incident and get your business ‘back to normal’ as fast as possible.

Featured

When will we stop calling them phones?

If you don’t remember when phones were only used to talk to people, you may wonder why we still use this term for handsets, writes ARTHUR GOLDSTUCK, on the eve of the 10th birthday of the app.

Published

on

Do you remember when handsets were called phones because, well, we used them to phone people?

It took 120 years from the invention of the telephone to the use of phones to send text.

Between Alexander Graham Bell coining the term “telephone” in 1876 and Finland’s two main mobile operators allowing SMS messages between consumers in 1995, only science fiction writers and movie-makers imagined instant communication evolving much beyond voice. Even when BlackBerry shook the business world with email on a phone at the end of the last century, most consumers were adamant they would stick to voice.

It’s hard to imagine today that the smartphone as we know it has been with us for less than 10 years. Apple introduced the iPhone, the world’s first mass-market touchscreen phone, in June 2007, but it is arguable that it was the advent of the app store in July the following year that changed our relationship with phones forever.

That was the moment when the revolution in our hands truly began, when it became possible for a “phone” to carry any service that had previously existed on the World Wide Web.

Today, most activity carried out by most people on their mobile devices would probably follow the order of social media in first place – Facebook, Twitter, Instagram and LinkedIn all jostling for attention – and  instant messaging in close second, thanks to WhatsApp, Messenger, SnapChat and the like. Phone calls – using voice that is – probably don’t even take third place, but play fourth or fifth fiddle to mapping and navigation, driven by Google Maps and Waze, and transport, thanks to Uber, Taxify, and other support services in South Africa like MyCiti,  Admyt and Kaching.

Despite the high cost of data, free public Wi-Fi is also seeing an explosion in use of streaming video – whether Youtube, Netflix, Showmax, or GETblack – and streaming music, particularly with the arrival of Spotify to compete with Simfy Africa.

Who has time for phone calls?

The changing of the phone guard in South Africa was officially signaled last week with the announcement of Vodacom’s annual results. Voice revenue for the 2018 financial year ending 31 March had fallen by 4.6%, to make up 40.6% of Vodacom’s revenue. Total revenue had grown by 8.1%, which meant voice seriously underperformed the group, and had fallen by 4% as a share of revenue, from 2017’s 44.6%.

The reason? Data had not only outperformed the group, increasing revenue by 12.8%, but it had also risen from 39.7% to 42.8% of group revenue,

This means that data has not only outperformed voice for the first time – as had been predicted by World Wide Worx a year ago – but it has also become Vodacom’s biggest contributor to revenue.

That scenario is being played out across all mobile network operators. In the same way, instant messaging began destroying SMS revenues as far back as five years ago – to the extent that SMS barely gets a mention in annual reports.

Data overtaking voice revenues signals the demise of voice as the main service and key selling point of mobile network operators. It also points to mobile phones – let’s call them handsets – shifting their primary focus. Voice quality will remain important, but now more a subset of audio quality rather than of connectivity. Sound quality will become a major differentiator as these devices become primary platforms for movies and music.

Contact management, privacy and security will become critical features as the handset becomes the storage device for one’s entire personal life.

Integration with accessories like smartwatches and activity monitors, earphones and earbuds, virtual home assistants and virtual car assistants, will become central to the functionality of these devices. Why? Because the handsets will control everything else? Hardly.

More likely, these gadgets will become an extension of who we are, what we do and where we are. As a result, they must be context aware, and also context compatible. This means they must hand over appropriate functions to appropriate devices at the appropriate time. 

I need to communicate only using my earpiece? The handset must make it so. I have to use gesture control, and therefore some kind of sensor placed on my glasses, collar or wrist? The handset must instantly surrender its centrality.

There are numerous other scenarios and technology examples, many out of the pages of science fiction, that point to the changing role of the “phone”. The one thing that’s obvious is that it will be silly to call it a phone for much longer.

  • Arthur Goldstuck is founder of World Wide Worx and editor-in-chief of Gadget.co.za. Follow him on Twitter on @art2gee and on YouTube
Continue Reading

Featured

MTN 5G test gets 520Mbps

MTN and Huawei have launched Africa’s first 5G field trial with an end-to-end Huawei 5G solution.

Published

on

The field trial demonstrated a 5G Fixed-Wireless Access (FWA) use case with Huawei’s 5G 28GHz mmWave Customer Premises Equipment (CPE) in a real-world environment in Hatfield Pretoria, South Africa. Speeds of 520Mbps downlink and 77Mbps uplink were attained throughout respectively.

“These 5G trials provide us with an opportunity to future proof our network and prepare it for the evolution of these new generation networks. We have gleaned invaluable insights about the modifications that we need to do on our core, radio and transmission network from these pilots. It is important to note that the transition to 5G is not just a flick of a switch, but it’s a roadmap that requires technical modifications and network architecture changes to ensure that we meet the standards that this technology requires. We are pleased that we are laying the groundwork that will lead to the full realisation of the boundless opportunities that are inherent in the digital world.” says Babak Fouladi, Group Chief Technology & Information Systems Officer, at MTN Group.

Giovanni Chiarelli, Chief Technology and Information Officer for MTN SA said: “Next generation services such as virtual and augmented reality, ultra-high definition video streaming, and cloud gaming require massive capacity and higher user data rates. The use of millimeter-wave spectrum bands is one of the key 5G enabling technologies to deliver the required capacity and massive data rates required for 5G’s Enhanced Mobile Broadband use cases. MTN and Huawei’s joint field trial of the first 5G mmWave Fixed-Wireless Access solution in Africa will also pave the way for a fixed-wireless access solution that is capable of replacing conventional fixed access technologies, such as fibre.”

“Huawei is continuing to invest heavily in innovative 5G technologies”, said Edward Deng, President of Wireless Network Product Line of Huawei. “5G mmWave technology can achieve unprecedented fiber-like speed for mobile broadband access. This trial has shown the capabilities of 5G technology to deliver exceptional user experience for Enhanced Mobile Broadband applications. With customer-centric innovation in mind, Huawei will continue to partner with MTN to deliver best-in-class advanced wireless solutions.”

“We are excited about the potential the technology will bring as well as the potential advancements we will see in the fields of medicine, entertainment and education. MTN has been investing heavily to further improve our network, with the recent “Best in Test” and MyBroadband best network recognition affirming this. With our focus on providing the South Africans with the best customer experience, speedy allocation of spectrum can help bring more of these technologies to our customers,” says Giovanni.

Continue Reading

Trending

Copyright © 2018 World Wide Worx