Once again over the last couple of weeks we have seen a high-profile business being severely compromised by a ransomware attack. The US fitness giant Garmin suffered a global outage that resulted in the company having to shut down its connected services and call centres for several days. The company said that: “Many of our online services were interrupted including website functions, customer support, customer-facing applications, and company communications though we have no indication that any customer data, including payment information was lost or stolen.”
It is reported that the cyber criminals are Russian based and demanded $10 million to restore the company files encrypted by the ransomware. But the financial implications go well beyond the ransom payment itself. Aswell as operational costs of all the disruption within the business there is also likely to be a significant impact on revenue, both in the short term and in the longer terms as the reputational damage to Garmin will doubtless cause existing and potential future customers to consider the security of their products and the Garmin Pay contactless payment system in particular.
After recent cyber attacks on Travelex and the NHS we should be reminded that all organisations are potentially vulnerable to attack. In fact California-based cybersecurity firm SonicWall reported recently that ransomware cases around the world increased by 20% in the first half of 2020, with 5.9 million attacks in the UK alone.
Here at Novem our consultancy, infrastructure design and delivery teams work with our clients to design and implement tailored Cybersecurity and Disaster Recovery plans. Our Cybersecurity approach recommends controlling physical access to your hardware as well as protecting against harm that may come via unsolicited network access, malicious data and code injection from external and internal threat sources. If the worst does happen, a thorough Disaster Recovery plan will have assessed your current IT Systems, storage and backup strategy, and agreed your priorities for service recovery and system restoration. We offer a fully monitored and managed service with auditable verification and, if required, hosted regular live recovery scenarios.