Failure’s Not An Option: IT Downtime Can Destroy Your Business

Most IT managers have some degree of understanding regarding just how damaging IT downtime can be. Ransomware, for instance, single-handedly raked in $209 million in the first three months of April – and that amount doesn’t even factor in the crippling hidden costs.

However, the grimmest prospect, a company shutdown as a result of a serious IT-related setback, often goes overlooked as a remote possibility.

Our question is this: Why?

IT Downtime Can Damage Your Business Irreparably

Business continuity and IT uptime are essentially synonymous at this point. On any given day, most – if not all – of an organization’s operational workflows are tangentially or directly dependent on IT infrastructure. This could be an organization’s on-premises servers, its mission-critical endpoints (e.g. mobile data computers for law enforcement, computers on wheels for the medical sector), enterprise computers, point-of-sale systems, company kiosks and so on. Long story short, regardless of your industry or vertical, IT disruptions have significant potential to cause your business harm, and much more than you may realize.

According to The Ponemon Institute, the cost of IT downtime is $7,900 per minute on average. For small and medium-sized companies, the actual monetary amount may be less; however, the risks are actually compounded. A study conducted by the Small Business Administration found that 43 percent of small businesses never recover from extensive data loss. While alarming, that statistic doesn’t necessarily tell the full story. After all, there’s only so much an organization can do to defend its assets against

Malware Mayhem: Utility Providers Are Being Bombarded With Cyberthreats

Various strains of malware have been impacting critical infrastructure in the U.S. and beyond, especially that of critical utility providers. Perhaps the most high-profile example occurred in late 2015 when roughly 100,000 Ukrainians were left in the dark following an apparent breach of several of the nation’s top energy companies. Upon investigating, researchers have come up with multiple theories for exactly how the hackers orchestrated the attack. What we do know is that they remotely accessed breakers of several power plants. The Department of Homeland Security has also identified KillDisk (which wipes certain targets on disk drives) as playing a role in corrupting the master boot record, thereby “rendering systems inoperable,” according to Ars Technica.

We also know that the cyberattack on Ukraine’s power grid is arguably the most terrifying hack to date. The ability to knock entire regions of a nation off the grid introduces horrific potential for other types of crime, making it a matter of national security.

The worst part of it is that utilities continue to be impacted by cyberthreats.

The Dangers Compound

In late April, Lansing Board of Water & Light (BWL), a Michigan-based utility organization, had several systems knocked offline. These included the accounting department, the customer support line for outages, and email services for up to 250 employees. The culprit was ransomware – a specific strain was never named. According to the Lansing State Journal, the utility did not pay the ransom, but faced about $2 million in remediation expenses.

Ransomware and KillDisk are hardly the only threats.

The Crippling Hidden Costs of Ransomware

At this point, the devastating impact ransomware can have on organizations in any industry has been witnessed the world over. Earlier this year, one hospital in Southern California was infected with Locky ransomware. The facility had to pay hackers $17,000 to get its systems back online, and this was after it declared an internal state of emergency. A few months later, the FBI announced that encryption malware was on pace to steal $1 billion from organizations in 2016.

While these costs and occurrences are alarming in and of themselves, they don’t necessarily illustrate just how financially damaging ransomware can be to organizations. There are hidden costs in addition to the initial ransom that are less talked about, but no less crippling.

Downtime and Remediation Costs

As we clearly saw from the Los Angeles hospital incident, system downtime is extraordinarily troubling – records were kept using pen and paper, and external communications took place via fax machine. However, downtime is as expensive as it is inconvenient. According to research from the Ponemon Institute, IT-related downtime costs businesses, on average, $7,900 per minute. In fact, DARKReading contributor Andrew Hay ran the numbers for the ransomware that impacted the aforementioned hospital, and came up with this number: $533,911. That, according to Hay, is the total amount of estimated revenue that the facility lost, in addition to the $17,000 ransom.

Still, that’s only the tip of the iceberg. These “downtime” expenses don’t necessarily account for the longer-term, hard-to-quantify expenses, such as reputational damage, or what Hay refers

Hackers Are Raiding Retailers’ IT Networks

Managing endpoints in a retail environment poses a slew of security complications. The industry has been heavily targeted by hackers in the past year or so.

Specifically, cybercriminals have leveraged difficult-to-detect point-of-sale malware such as BlackPOS (the culprit behind the infamous Target breach), AbaddonPOS, CherryPicker, CenterPOS, RawPOS and finally ModPOS – a strain that researchers called “by far the most sophisticated POS malware,” upon its discovery in late 2015. The reason ModPOS is so terrifying is that, in addition to its memory-scraping capabilities, it has a keylogger that helps it gather local network information such as metadata. In effect, this makes it possible to bypass encryption.

EMV Is Not a Silver Bullet

In late August, clothes retailer Eddie Bauer announced that it was the victim of a payment card data breach, and that customers who used their card at stores in the U.S. or Canada between Jan. 2 and July 17 may have been affected. These types of announcements have become fairly commonplace, but this one was different.

According to IT World Canada, the unnamed strain of POS malware is believed to have been designed to work against magnetic stripes as well as EMV cards. At the time of this writing, it remains inconclusive if EMV cardholders were also affected. Nevertheless, all customers in the stated timeframe, including those who made their purchases with the new chip-card technology, have been notified of the breach.

“EMV technology isn’t a panacea for POS malware.”

More recently, hackers managed to break into a cloud-based point-of-sale system that is responsible

Better Computer Management Is a Matter of National Security

Military and law enforcement agencies have long benefited from the ability to wirelessly and remotely access information while on the job. However, as mobile endpoints play an increasingly central role in supplying field officers with real-time data, they may also introduce new cyberthreats. Consider, for instance, the dangers associated with a lost or stolen military Toughbook that ends up in the hands of criminals and poses a risk to national security.

Criminal Justice Information Services (CJIS) guidelines aim to mitigate some of these risks through certain provisions such as strong password management, multi-factor authentication requirements and email encryption, just to name a few.

While adherence to CJIS standards will enhance cybersecurity, compliance can’t be your agency’s only defense strategy. Hackers are becoming increasingly sophisticated, and in some cases, are backed by nation states. The bottom line is that it takes a lot more than compliance to protect military and law enforcement field endpoints.

The Department of Justice Data Breach

An example of what’s at stake for military and law enforcement agencies occurred in early 2016, when the Department of Justice was breached after hackers managed to access an insider’s email account. From here, the intruders were able to “social engineer” their way into the DOJ intranet, and subsequently access critical databases. According to Computerworld’s Darlene Storm, the hackers then stole and dumped “9,000 DHS [Department of Homeland Security] employee names, email addresses, locations, telephone numbers and titles” on the web.

Soon after, the cyberattackers executed a second data dump, this