Cybersecurity has already become the battlefield of the future.
The NotPetya malware attack of 27 June 2017 made this a reality: experts attributed it to Russia as an attack on Ukraine, and companies and countries around the globe were hit as collateral damage.
The NotPetya malware attack of June 2017 made world headlines and caused over $3 billion of damage.
Australia was fortunate: most of the damage was done in Ukraine, Russia, Denmark, the USA and Italy.
The fact that Ukraine was hardest hit is no coincidence. It is widely accepted that NotPetya was not a conventional ransomware attack run by organised crime for money, but an act of cyberwar by Russia on Ukraine. It masqueraded as ransomware, yet paying the ransom gave victims no way to recover their files; it was built to destroy.
One company affected in Australia was Mondelez, owner of the Cadbury chocolate brand.
Aussies came close to a national catastrophe: the chocolate factory outside Hobart, Tasmania, was brought to a halt after its machines were infected by the PC-destroying malware.
18 months later, Mondelez is suing its insurer Zurich, which refused to pay a US$100 million claim on the grounds that the attack was "an act of war".
Specifically, Zurich categorised it as a "hostile or warlike action in time of peace or war", invoking the war exclusion that is standard in property insurance policies and that no insurer is likely to cover.
If future cyberattacks are attributed to nation states as "acts of war", we may see more insurance claims rejected. Two things follow. Firstly, the success of the attack is likely to encourage more state-based cyberattacks on other nations. Secondly, if insurers treat future malware outbreaks as nation-state cyberwar, more claims will be refused. Insurance is still needed to protect against other forms of cyberattack and disaster, but the risk of having a claim refused for a "hostile or warlike" cyberattack is real, and it is outside your control.
What protection do I have?
For Aussie SMEs, protecting ourselves requires sensible changes to policy and procedure, and keeping reasonably up to date with technology. The best defence against an insurer refusing a claim on grounds outside our control is to reduce the chance of being affected at all.
In summary we recommend the following:
Put all Remote Desktop servers behind a Virtual Private Network (VPN). Don't leave RDP or other business gateways Internet-facing, where a single guessed or stolen password is all that stands between an attacker and your key infrastructure. The VPN gateway then becomes your front door, so it needs the same care: keep it patched and require MFA to connect.
Use a Multi-Factor Authentication (MFA) system - Diamond is now offering MFA as a service. Multi-Factor Authentication (also known as 2-Factor Authentication or 2FA where exactly two methods are used) means something more than a password is required to access an account: a code generated by an authenticator app, a hardware token, or some form of biometric identification. Codes sent by SMS or email also count, but they are the weakest options because phone numbers and mailboxes can themselves be hijacked, so prefer an app or token where the service supports one.
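The mechanism behind app-generated MFA codes, as an added example that is not part of the original post: a minimal Python implementation of TOTP (RFC 6238), the time-based one-time password scheme used by authenticator apps, using only the standard library. The shared secret `DEMO_SECRET_B32` is the RFC 6238 test key, and the `TotpAccount` class and its `login` method are illustrative names of my own; a real deployment keeps each user's secret and last-accepted counter in the authentication server's database.

```python
import base64
import hashlib
import hmac
import secrets
import struct
import time
from typing import Optional

# The RFC 6238 test secret ("12345678901234567890" as ASCII), base32-encoded the
# way authenticator apps expect it. Real secrets come from generate_secret().
DEMO_SECRET_B32 = base64.b32encode(b"12345678901234567890").decode("ascii")


def generate_secret(num_bytes: int = 20) -> str:
    """Create a fresh shared secret at enrolment; the user scans it as a QR code."""
    return base64.b32encode(secrets.token_bytes(num_bytes)).decode("ascii")


def hotp(secret_b32: str, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the 8-byte big-endian counter, then
    'dynamic truncation' picks 31 bits which are reduced modulo 10**digits."""
    key = base64.b32decode(secret_b32, casefold=True)
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def totp(secret_b32: str, for_time: Optional[int] = None,
         step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP: HOTP with the counter set to Unix time divided by the step."""
    now = int(time.time()) if for_time is None else for_time
    return hotp(secret_b32, now // step, digits)


def verify_totp(secret_b32: str, submitted: str, for_time: Optional[int] = None,
                step: int = 30, digits: int = 6, window: int = 1) -> Optional[int]:
    """Return the counter the submitted code matched, or None.

    Codes from `window` steps either side of the current one are accepted so a
    phone whose clock drifts by up to 30 seconds still works. compare_digest keeps
    the comparison constant-time, so a wrong code cannot be narrowed down digit by digit.
    """
    if not (submitted.isascii() and submitted.isdigit() and len(submitted) == digits):
        return None
    now = int(time.time()) if for_time is None else for_time
    counter = now // step
    for delta in range(-window, window + 1):
        if hmac.compare_digest(hotp(secret_b32, counter + delta, digits), submitted):
            return counter + delta
    return None


class TotpAccount:
    """Server-side state for one enrolled user (illustrative name, not a library API)."""

    def __init__(self, secret_b32: Optional[str] = None):
        self.secret_b32 = secret_b32 or generate_secret()
        self.last_counter = -1  # highest counter already used for a successful login

    def login(self, submitted: str, for_time: Optional[int] = None) -> bool:
        """Accept each code once only, so a code an attacker captured (phished,
        shoulder-surfed, read off a compromised PC) cannot be replayed within its window."""
        matched = verify_totp(self.secret_b32, submitted, for_time)
        if matched is None or matched <= self.last_counter:
            return False
        self.last_counter = matched
        return True


if __name__ == "__main__":
    account = TotpAccount()
    code = totp(account.secret_b32)
    print("current code:", code, "first login:", account.login(code),
          "replay:", account.login(code))
```

The point to take from the code is that the second factor is a shared secret the attacker does not have, combined with the clock; a stolen password alone yields nothing, and even a captured code is useless after one use or after the 30-second step passes.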
Keep using complex passwords - Passwords are still required. Until they're replaced with something better, we'll need to keep increasing their length and complexity, so consider using a password manager. Having a unique password for each account is very important: if a password is cracked from a poorly protected system, the attacker can simply try it on every stronger system you use, where it will work without resistance. And a long but well-known phrase is no better than a short complex password. Just about every quote on Wikipedia is already in the dictionaries that cracking tools load, along with the usual variations (capitalisation, a digit or exclamation mark on the end, letters swapped for symbols). Length only helps when the words are ones nobody has written down together before.
Regularly update software and firmware - The NotPetya and WannaCry attacks exploited a Windows SMB vulnerability months after Microsoft had patched it (in March 2017) for supported versions including Windows 7 and Windows 10. All software and firmware needs to be updated as often as is practical. NotPetya also spread inside networks by stealing administrator credentials from infected machines, so patching alone is not enough: don't share one local administrator password across your fleet. Running retired operating systems such as Windows XP and Server 2003 vastly increases your risk of becoming a victim of cyberattacks. Plan ahead: Windows 7 and Server 2008 'walk the plank' in less than a year, on 14 January 2020.
We're here to help
We offer specialist security consulting through our Diamond consultancy team, and our Business Technology Managers (BTMs) are experienced in assisting organisations in improving their cybersecurity and disaster recovery systems.
We also have available a free Cybersecurity Health Check, where you can give your organisation a quick cyberhealth checkup.
Contact us below or call us today on 1300 307 907.