Industry News

Vigilance the key IT Security skill – but can humans master it?

Managed IT Services - a vigilant woman inspects her PC with binoculars

SUMMARY

  • Ransomware isn’t going anywhere, in fact it is increasing
  • Every week brings new examples of known companies being compromised
  • Employee awareness is a key part of the defence, but there’s an important role for software that fights “vigilance fatigue”.

In the year of the pandemic, it’s been easy to lose sight of the other recent plague – ransomware.

The world hasn’t experienced a major WannaCry or NotPetya-style worm-driven attack in a long time, but that doesn’t mean ransomware authors have been any less busy.

In fact, news broke just this week of an attack on Seyfarth Shaw, a global law firm with offices in NSW and VIC, and Spotless Group.

Seyfarth Shaw’s IT team became aware of the attack as it was unfolding, and managed to quarantine it, but not before a number of systems were encrypted and had to be shut down.

The US head office of Seyfarth said it is “coordinating with the FBI” and “working around the clock to bring our systems back online as quickly and safely as possible.” Source IT News.

Australia’s Spotless Group was attacked last Friday the 9th of October. It deployed business continuity plans to keep delivering services, but the attack was serious enough to notify the Australian Cyber Security Centre and call in external experts to dissect it and ensure a smooth recovery.

These issues highlight two key takeaways

  1. Ransomware hasn’t hit the mainstream news headlines much this year, but it’s increasing at a concerning rate. Checkpoint produced a report in June that indicated a 50% increase, on average across the countries protected by its security product.

Indeed, as IT News noted, Spotless is just the latest in a string of Australian business entities that have been attacked with ransomware in 2020. Others in the list include Toll Group, Lion, BlueScope and Regis Healthcare.

  1. Vigilance is a key IT skill that can be encouraged through IT Security training but no amount of training can see it maintained 100% of the time. The reason that many ransomware schemes are successful is that humans are fallible and can be tricked into clicking on links that, in retrospect, should have been more thoroughly questioned. Humans need backup.

Vigilance in a Bottle

Your IT team (either a Managed IT Service Provider or your in-house team) needs to deploy a Security Event Monitoring Platform that can alert it quickly to ransomware infections, which can rapidly encrypt whole networks if left unchecked. It’s the backup for when human vigilance fails.

The last word…

Do you have a Security and Incident Event Management (SIEM) platform that could detect the rapid encryption of your company files? It’s an essential part of all large to enterprise-size companies’ IT toolkits.

AWARDS

Our Address

Telephone 

1300 667 871 or +61 7 3220 0352

Brisbane Office

Level 5, 488 Queen Street, Brisbane, QLD 4000

Sydney Office

Level 21, 133 Castlereigh Street, Sydney, NSW 2000

Melbourne Office

Level 28, 303 Collins Street, Melbourne, VIC 3000

Our Services

Industry Expertise