Malicious cybercriminals continue to pose a threat to organizations of all shapes and sizes, no matter the status, impact or reach of the organization, nor the security measures they have in place. We are more than halfway through 2022, and this year alone, we have seen organizations torn down by rampant cyberattacks that continue to affect both private and public organizations, as well as government agencies. These attacks have driven IT teams to shut down online systems in their entirety, exposed the personal data of customers and employees, and ultimately put millions of people at risk.
While the safety of customers/employees and their personal data during these attacks remains the top priority, it’s important to acknowledge the severe impact these incidents have on day-to-day business operations. Oftentimes, ransomware or similar cyberattacks cause companies’ IT systems to be knocked offline, either by force or as an attempt to prevent further damage. In February of this year, Toyota plastic parts supplier Kojima Industries suffered a cyberattack that forced a suspension of 28 operating production lines across 14 plants in Japan. The downtime resulted in an approximate 5% drop in monthly production in Japan, about 13,000 units. According to Gartner, IT system downtime causes an average loss of $300,000 per hour. It goes without saying that business continuity is a huge area of concern when dealing with network outages such as the one that Kojima experienced. Time spent offline can lead to production decline, dissatisfied customers and ultimate loss of revenue, taking cyberattacks from bad to worse.
A few other notable cyberattacks so far this year:
- Shields Health Care Group: In June of this year, Shields suffered a data security incident that impacted over two million patients and their data. The threat actor compromised the network and stole names, social security numbers, diagnoses, insurance information and other sensitive medical details, and is now facing a class action lawsuit claiming that the organization failed to implement reasonable and appropriate safeguards to keep patient data private and confidential, and protect against unauthorized access and disclosure.
- SpiceJet: India’s second largest airline, SpiceJet, recently came under customer fire when flights were severely delayed after the airline fell victim to an attempted ransomware attack that impacted some of its online systems. Fliers also complained of inaccessible booking systems and customer service, causing customer trust and satisfaction to waver.
- Knauf Gips KG: Most recently, construction material producer and supplier Knauf was targeted by an up and coming ransomware gang, causing all of its IT systems to be forced offline while the company attempted to isolate the attack. Unable to carry out routine processes due to system wide downtime, Knauf’s operations were most likely affected, causing potential loss of revenue and production decline.
Preventing Cyberattacks with Network Automation
The most effective way to ensure business continuity following cyberattacks is by preventing them in the first place. Network security automation should be a key component to an organization’s security infrastructure. Consolidating and automating critical but labor intensive tasks into a single, no-code platform ensures that routine business processes continue without disruption, ultimately contributing to the overall success of the company by eradicating any IT downtime caused by human error, outside threats or other system flaws. With BackBox, updating thousands of devices can be easily automated and validated to mitigate vulnerabilities and eliminate IT downtime.
Business Continuity & Backup and Recovery Best Practices
When it comes to reducing network downtime to an absolute minimum in the case of cyberattacks, having a solid plan in place for recovery is of the utmost importance. IT and security teams should be prepared for the worst. In the event that an organization must restore the network from scratch, systemwide network automation must be implemented in order to get things back up and running as quickly and efficiently as possible. The teams should also be familiar with what exactly is being backed up and how often– the inability to offer a complete and specific list of everything that is being backed up is an indication that there is too much ambiguity in the existing plan. Additionally, there should be a set cadence for how often regular backups are taking place. To ensure that the recovery process is as seamless as possible, any member of the IT team should be able to run emergency operations in the event of a crisis rather than depending on only a few pre-determined team members. It is critical that these operations can be completed quickly. Lastly, improvement of recovery time should always be a priority.
Interested in learning more about how BackBox can help your company protect against and prepare for cyberattacks? Download an evaluation copy here.