Cyber Security
Now you see it, now you don’t
Y By David Stafford-Gaffney
ou wake up feeling toasty warm on a somewhat dreary and rainy day and you start to think about what you have on for the rest of the day. The business you started has grown from a one-man band to 5 employees and things feel pretty darn good. Customers are increasing, as are services and the upside is huge. Your team are incredibly capable and subject matter experts in their field, so services are of the highest quality. You have a few customer meetings and a sales presentation later in the day, to a large enterprise that would be the biggest customer, by revenue and profit, to date. Then the phone rings, one of the crew has identified a denial of service attack taking place on your servers, making your entire business offering unavailable for your customers and more importantly, their customers. Unbeknownst to you, things just took a turn for the worst and you will lose your entire business as a consequence. The troubleshooting escalates quickly and chaotically. Fast forward a few hours and the denial of service attack is over. The dust settles, but things don’t look right, in fact things look bad, disastrously bad. With further investigation the team realise, the denial of service attack was a distraction, the real attack was on your information and all
16 | Australian Cyber Security Magazine
that’s left are crumbs. The attackers, created a secondary attack to hide the real damage, they didn’t care about the unavailability of your services, they wanted your data or more importantly, they didn’t want you to have it anymore. Your stomach sinks and you feel sick as you come to the realisation that your back-ups are on site, you feverishly direct your teams to the location of the back-ups, and the look on their faces say it all. They’re gone. There is literally nothing more than crumbs of data, crumbs of an organisation and even the people are crumbling with the realisation that this is likely the end. Question after question fills your mind as you try to understand how this has happened. You’re not interested in why, just yet, but how. How on earth did we not have off site backups? How did this even happen? Slowly you work through each scenario one after the other. You’re all Subject Matter Experts, you live and breathe this, you built the business, you understand the technology, and still, things don’t make complete sense and there is one very good reason why. You completely underestimated the threat’s that your organisation faces and the steps required to effectively protect the organisation against them and ultimately, to respond when attacked by them.