It’s often said that there’s real value in the mailing list of a business. What’s true is that there is real value in the data of any business. That’s not just from a marketing perspective, but from a day to day record keeping perspective as well as a historical and information perspective too. Cyber Attacks can wipe that out in seconds.

What would you do if you lost ALL of your business data?

That’s what happened to a business we know recently. It’s an incredibly scary prospect.

They pay a significant amount every month to buy solid, timely and informed support. They never scrimp on their security; they never say ‘no’ if something security-wise is recommended.

And yet two weeks ago they were hacked, and lost everything from their remote servers.

What happened wasn’t targeted at them, but instead was a consolidated hardware attack on a specific data centre. Hundreds of servers were wiped out, including theirs.

They had a back-up server, in case the first went down, and the two were copies of each other. The problem was, the second server was in the same data centre, and was taken out at the same time as the first.

They lost their primary product, an online portal to which all of their customers have access, and through which they run their entire business. They turn over millions of pounds a year, so this loss was HUGE.

The thing is, it could have been far worse!

As part of their normal working protocols, they have multiple back-ups kept internally, of everything. AND they are up to date back-ups that actually work.

They lost just over two days, but got everything set back up. They lost time, they lost (lots!) of sleep, but they were back up and running within 48 hours, purely because they had these ‘back-up back-ups’.

Smaller businesses don’t usually consider the more sophisticated protections of mirrored servers, and multiple back-ups. They don’t consider that anyone is going to look at them, as they’re surely too small?

This attack, which appears to have been instigated by ‘malicious hackers of Russian origin’, will have affected numerous small businesses.

• Some of the servers hacked will have been used by web agencies who offer hosting solutions.
• They would have been used by small businesses who use hosted solutions, to avoid the costs associated with buying a server and keeping it up to date.

They would have been used by businesses like ours for all sorts of things…

So, what can you do?

These are the most basic steps, that saved the story above having a very different outcome:

1. Make sure you have back-ups of ALL information for your business.
2. These need to be updated frequently AND routinely.
3. They should be checked, frequently, so you know they will work when you need them.
4. Keep them in different, secure off-site locations.
5. Speak to your web developer to know that your code for your website is secure, and get an undertaking from them that they will be able to get it onto another server within 12 hours. If they can’t give that, you need to speak to someone who can, or hold a copy of your updated code yourself and know how to use it. Few businesses these days can manage for very long without their site, or reconstruct it easily if it’s taken down.

The National Cyber Security Centre

A press release on the 28th January from the NCSC, part of GCHQ, reinforces the increased risk I’ve highlighted above.

It urged organisations to study the guidance issued in response to recent malicious cyber incidents in the Ukraine. Activity in and around the Ukraine fits the pattern of behaviour that has been attributed by our Government to the Russian Government.

The NCSC recommends the following actionable steps to reduce the risk of falling victim to an attack, including:

• patching systems
• improving access controls and enabling multi-factor authentication
• implementing an effective incident response plan
• checking that backups and restore mechanisms are working
• ensuring that online defences are working as expected, and
• keeping up to date with the latest threat and mitigation information.

You can see more details around each of these recommended steps, and more advanced actions here.

You might also like to follow this link, which is advice relevant to smaller businesses.

As we all move further into the cloud, this is an increasing risk. The related logistical benefits of doing so are immense, and the pandemic heightened that still further with the related and urgent need for remote working. Many businesses didn’t have time to explore all that they perhaps should have in terms of security when Coronavirus hit, but now it’s time to catch up.

This attack may sound like something out of a movie, but there will be nothing entertaining if your business is hacked, and suffers like the one in my opening story. Seeking some sound advice and taking the right steps now could be the difference between an inconvenience and a catastrophe.

We can’t advise on specifics, as we are in no way experts on the subject, but we can strongly recommend that you speak to reputable and experienced IT advisors to ensure your data is as safe as possible. We do know a couple of companies who can help with these issues, so please ask if you’d like contact details. Please don’t ignore the elevated risks though!