posted by janrinok on Tuesday October 01 2019, @07:31PM
from the $95-million-would-pay-for-a-LOT-of-backups dept.

Ransomware Incident to Cost Danish Company a Whopping $95 Million:

After a month, hearing aid manufacturer Demant has yet to recover after the attack.

Demant, one of the world's largest manufacturers of hearing aids, expects to incur losses of up to $95 million following what appears to be a ransomware infection that hit the company at the start of the month.

[...] Demant's troubles began at the start of the month, on September 3, when in a short statement on its website, the company said it was shutting down its entire internal IT infrastructure following what it initially described as "a critical incident."

What really happened on the company's network, we'll never know, as Demant never revealed anything except that its "IT infrastructure was hit by cyber-crime."

Reports in Danish media[1, 2] pegged the incident as a ransomware attack, and it sure did look like one from the outside.

Per its own statements, all the company's infrastructure was impacted -- and impacted severely.

This included the company's ERP system, production and distribution facilities in Poland, production and service sites in Mexico, cochlear implants production sites in France, amplifier production site in Denmark, and its entire Asia-Pacific network.

Companies usually recover after data breaches within days; however, Demant took weeks, is still recovering assets today, and expects to take two more weeks to recover in full. This pattern of destruction that takes months to recover from is usually encountered during ransomware infections only.

[...] These business upheavals have been a disaster for the company's bottom line. In a message to its investors, Demant said it expects to lose somewhere between $80 million and $95 million.

The sum would have been higher, but the company expects to cash in a $14.6 million cyber insurance policy.

Most of the losses have come from lost sales and the company not being able to fulfill orders. The actual cost of recovering and rebuilding its IT infrastructure were only around $7.3 million, a small sum compared to the grand total.

How many Soylentils have discovered a security vulnerability in their own company's code and succeeded in persuading management to provide sufficient time and resources to address it?

  • (Score: 2) by HiThere on Tuesday October 01 2019, @10:47PM (11 children)

    by HiThere (866) Subscriber Badge on Tuesday October 01 2019, @10:47PM (#901531) Journal

    In my experience thumb drives are unreliable storage systems. Use a USB hard drive instead. Actually, use several and rotate them.

    --
    Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.
  • (Score: 2) by JoeMerchant on Tuesday October 01 2019, @11:03PM (5 children)

    by JoeMerchant (3937) on Tuesday October 01 2019, @11:03PM (#901542)

    Sure, point being: the whole valuable dataset can be contained in a little widget that costs virtually nothing, so why not make multiple backups and keep them in multiple sites, instead of putting $90M+ at risk?

    That insurer paying out $14M should be mandating some changes in operations at all of their insured sites.

    --
    🌻🌻 [google.com]
    • (Score: 2) by SomeGuy on Tuesday October 01 2019, @11:25PM (4 children)

      by SomeGuy (5632) on Tuesday October 01 2019, @11:25PM (#901557)

      the whole valuable dataset can be contained in a little widget that costs virtually nothing, so why not make multiple backups and keep them in multiple sites, instead of putting $90M+ at risk?

      Because that would involve telling the PHB that his terabytes of uncompressed TIF files for his PowerPoint presentations are not "valuable".

      • (Score: 2) by JoeMerchant on Wednesday October 02 2019, @02:11AM (2 children)

        by JoeMerchant (3937) on Wednesday October 02 2019, @02:11AM (#901645)

        telling the PHB that his terabytes of uncompressed TIF files for his PowerPoint presentations are not "valuable".

        Agreed, but if you wanted $14M in "data insurance" from me, I'd either be demanding $1M/month in premiums, or a data protection strategy that identifies the data of significant value and ensures that the offline, offsite backups are never more than 48 hours old and a much, much lower premium - actual rate to be determined by compliance rates found in monthly best practices audits - I suspect the premium could be lowered to the fully loaded cost of the audits + 0.1% of the amount insured, per month, if the audits find 100% compliance.

        Compared to the cost of the compliance audits, the cost of the actual backups would be trivial.

        --
        🌻🌻 [google.com]
        • (Score: 2) by canopic jug on Wednesday October 02 2019, @07:51AM (1 child)

          by canopic jug (3949) Subscriber Badge on Wednesday October 02 2019, @07:51AM (#901739) Journal

          Agreed, but if you wanted $14M in "data insurance" from me, ...

          This was partially addressed at Black Hat 2019 in the presentation How Do Cyber Insurers View The World? [youtube.com].

          But not mentioned in the recorded talk is an explicit mention of the culpability of M$ products in ongoing, successful breaches and ransomware attacks. It was mentioned when the industry started at the tail end of the 1990s. Back then premiums were much higher for the fools trying to run Windows and other M$ products in production. Now it seems talked around. It is the elephant in the room now and as problematic as it gets, costing the world hundreds of billions per year [varonis.com]. If this damage were caused by another group than the politician Bill Gates and his minions, national defense would be all over it. It may be that the underwriters will just use it as an excuse to raise premiums for all customers though.

          --
          Money is not free speech. Elections should not be auctions.
          • (Score: 2) by JoeMerchant on Wednesday October 02 2019, @01:17PM

            by JoeMerchant (3937) on Wednesday October 02 2019, @01:17PM (#901816)

            It may be that the underwriters will just use it as an excuse to raise premiums for all customers though.

            I think this is endemic to the insurance industry - sure give a "safe driver" discount of 10 or 20%, vary premiums based on age, sex, etc. but, I believe that they know more than they let on in their rate setting, and they push everybody's premiums toward a point somewhat above the average, such that the irresponsible and higher risk are actually getting a good deal on insurance, costs borne by the rest of the group - even though they pay "discount rates" the discounts don't reflect the real reduction in risk that is known to be present.

            --
            🌻🌻 [google.com]
      • (Score: 2) by fido_dogstoyevsky on Wednesday October 02 2019, @02:16AM

        by fido_dogstoyevsky (131) <{axehandle} {at} {gmail.com}> on Wednesday October 02 2019, @02:16AM (#901653)

        Because that would involve telling the PHB that his terabytes of uncompressed TIF files for his PowerPoint presentations are not "valuable".

        There's a solution for that problem [theregister.co.uk].

        --
        It's NOT a conspiracy... it's a plot.
  • (Score: 2) by EvilJim on Wednesday October 02 2019, @02:21AM (2 children)

    by EvilJim (2501) on Wednesday October 02 2019, @02:21AM (#901660) Journal

    Put 'em in a RAID array, that's how you get around seagate failure features.

    • (Score: 3, Informative) by canopic jug on Wednesday October 02 2019, @11:43AM (1 child)

      by canopic jug (3949) Subscriber Badge on Wednesday October 02 2019, @11:43AM (#901785) Journal

      RAID only protects against device failure, as in when a whole drive fails.

      What is needed here is file-level redundancy. That would mean running OpenZFS on the file server underneath Samba or NFS or SSHFS. Snapshots are terribly inexpensive on OpenZFS [freebsd.org] so they could be taken frequently. Then it would be a matter of replacing the infected system with a patched replacement and then rolling back to the last-known-good snapshot. Now that the Linux Foundation stopped giving even a rat's ass about licensing, and thus many distros have stopped as well, OpenZFS is available for most distros now, too, not just FreeBSD. It also makes backups far easier through cloning. That can even be done over SSH.

      Better yet would be to eliminate Windows from the desktop at sensitive work places. It's 2019 and there's no technical reason to hang onto that crapware any more. However, all too many managers are part of the M$ cult or at least admire it from a distance for that to happen. All these ransomware incidents show is that the M$ resellers which have displaced traditional IT departments have raised the TCO of ICT so high that some SMEs just fold right away [computerweekly.com] while most others hang on for a little while and then fold [inc.com]. All of that is preventable by finding and firing the managers that brought M$ products and staff into the work place. Yep, if you have Windows, you have a staffing problem if nothing else.

      Or will there be people here defending that has grown up around M$ resellers embedded in SMEs? [cyberscoop.com]

      --
      Money is not free speech. Elections should not be auctions.
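The snapshot-rollback recovery canopic jug describes above, combined with JoeMerchant's rule earlier in the thread that offline backups should never be more than 48 hours old, as an added shell example that is not part of this thread and not OpenZFS project code. The snapshot listing is constructed to mimic the output of `zfs list -Hp -t snapshot -o name,creation`; the dataset name, the incident time, the "now" time and the offsite host are assumptions. It selects the newest snapshot taken strictly before the incident, checks freshness against the 48-hour rule, and only prints the `zfs rollback` and `zfs send | ssh ... zfs receive` commands rather than running them.

```shell
#!/bin/sh
# Added example (not code from the thread or from OpenZFS): choose the
# last-known-good snapshot after an infection, check that the newest snapshot
# meets a 48-hour freshness rule, and print the recovery commands (dry run).
# The listing below is constructed to look like
# `zfs list -Hp -t snapshot -o name,creation`; dataset, incident time,
# "now" and the offsite host are assumptions.

# Constructed sample listing: <snapshot> <creation time, epoch seconds>
SNAPSHOTS='tank/data@auto-2019-09-01T2300 1567378800
tank/data@auto-2019-09-02T1100 1567422000
tank/data@auto-2019-09-02T2300 1567465200
tank/data@auto-2019-09-03T0500 1567486800'

INCIDENT_EPOCH=1567476000          # assumed start of infection: 2019-09-03 02:00 UTC
NOW_EPOCH=1567490400               # assumed "now": 2019-09-03 06:00 UTC
MAX_BACKUP_AGE=$((48 * 3600))      # the "never more than 48 hours old" rule

# Print the newest snapshot created strictly before $1 (epoch seconds).
# Returns 1 when no snapshot predates the incident, i.e. there is no clean state.
last_known_good() {
    cutoff="$1"; best_name=""; best_epoch=0
    while read -r name epoch; do
        [ -n "$name" ] || continue
        if [ "$epoch" -lt "$cutoff" ] && [ "$epoch" -gt "$best_epoch" ]; then
            best_name="$name"; best_epoch="$epoch"
        fi
    done <<EOF
$SNAPSHOTS
EOF
    [ -n "$best_name" ] || return 1
    printf '%s\n' "$best_name"
}

# Return 0 when the newest snapshot is at most $2 seconds older than "now" ($1).
backup_is_fresh() {
    now="$1"; max_age="$2"; newest=0
    while read -r name epoch; do
        [ -n "$name" ] || continue
        if [ "$epoch" -gt "$newest" ]; then
            newest="$epoch"
        fi
    done <<EOF
$SNAPSHOTS
EOF
    [ $((now - newest)) -le "$max_age" ]
}

# Print (do not run) the recovery steps: roll the dataset back to the clean
# snapshot, discarding the later, post-incident snapshots (zfs rollback -r),
# then replicate the clean snapshot to the offsite host over SSH.
recovery_plan() {
    incident="$1"; offsite_host="$2"; offsite_dataset="$3"
    snap=$(last_known_good "$incident") || {
        echo "no snapshot predates the incident; restore from offline media" >&2
        return 1
    }
    printf 'zfs rollback -r %s\n' "$snap"
    printf 'zfs send %s | ssh %s zfs receive -F %s\n' \
        "$snap" "$offsite_host" "$offsite_dataset"
}

main() {
    if backup_is_fresh "$NOW_EPOCH" "$MAX_BACKUP_AGE"; then
        echo "freshness check: newest snapshot is within 48 hours"
    else
        echo "freshness check: FAILED, newest snapshot is older than 48 hours"
    fi
    recovery_plan "$INCIDENT_EPOCH" backup.example.invalid backup/data
}

main "$@"
```

In a real deployment the listing would come from `zfs list -Hp -t snapshot -o name,creation <dataset>`, and the freshness check would run from cron against the offsite copy rather than the primary pool, since a replica that stopped updating is exactly the failure the 48-hour rule is meant to catch.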
      • (Score: 2) by EvilJim on Thursday October 03 2019, @10:07PM

        by EvilJim (2501) on Thursday October 03 2019, @10:07PM (#902449) Journal

        +1 for informative reply. Yep, I'd love to ditch Windows; unfortunately we're tightening up on vendor numbers, so we're going M$ as much as possible. We've just ditched Trend Micro for Windows Defender.

  • (Score: 0) by Anonymous Coward on Wednesday October 02 2019, @02:53AM (1 child)

    by Anonymous Coward on Wednesday October 02 2019, @02:53AM (#901679)

    If it were a database, don't put it past me to flat write a magtape backup system from scratch. Yeh, I know, custom, and incompatible with everything.

    But if I did it right, I could recover the whole shebang if I carefully plan the block structures and code the write and read accordingly.

    • (Score: 2) by HiThere on Wednesday October 02 2019, @08:02PM

      by HiThere (866) Subscriber Badge on Wednesday October 02 2019, @08:02PM (#902006) Journal

      Magtape is good if you've got a large enough system to justify the cost. Most don't. Magtape also isn't very good for random writes or retrievals, so it depends on your use-case. As a backup system it's fine, if you can justify the cost. For off-line storage it's rather poor.

      What we're concentrating on here is backups, but USB disks are also good for the kind of thing that would have required a tape library in the old days. (Stuff too big to justify having it take up active fast disk space.)

      N.B.: USB disks aren't quite as fast as USB sticks, so you don't use them in quite the same way. But they're also better at "permanent retention". Not as good as CDs were (I don't know about DVDs or Blu-Rays). And if you ever had those glass CDs where they were written by a laser burning a pit in a metal film...those are good pretty much indefinitely if you store them in a clean, dry, place away from things that might scratch or break them. But writing them was quite expensive (IIRC a writer was approx. $30,000, and there's been inflation since then), and they didn't hold all that much per each.

      Everything is a bunch of trade-offs, and what the proper trade-off is varies not only with your use-case, but also with the technology. But I currently know of NO case where 200 BPI even parity tape would be the best choice.

      --
      Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.