The recent cyber-attack on Sony Pictures has severe repercussions to small businesses as well as large corporations. This latest attack was not only malicious (aka stealing data), it was destructive. Data and actual products, in this case movies were stolen, and reports say the entire network was disabled. The malware forced computers to go into hibernation mode for several hours. The computers were then commanded to shut down and reboot. Upon rebooting, the computers were commanded to wipe out all files. It was reported that the corporation shut down their email system for a week. There is speculation that the hacker had insider information.
The FBI issued a flash alert soon after and sent it to security administrators at major American corporations. It seems small and midsize businesses did not receive the alert. The FBI provided technical details according to some reports. Some security experts think Sony will have to replace every infected computer or have technicians reimage or replace each hard drive, a time consuming and expensive recovery steps.
We know about the copycat approach to physical crime. Once a criminal succeeds with one criminal effort, other criminals decide to try the same approach. If they succeed, even more criminals attempt it. The same mentality applies to cyber criminals. There are copycat cyber criminals waiting for the next opportunity.
- Back up, back up, back up – do it frequently. You may want to save data off your system at least daily. Back up critical work throughout the day if you don’t want to lose key activities. Save your backups in a very save and accessible manner. Letting your IT person take the back-ups home is not a safe system. Consider storing physical backups in a safe. Another option is using a cloud back up storage service.
- Talk to your local law enforcement agency or the FBI if you think you have been hacked. Thousands of cyber-crimes have been committed that are not covered by the media. The more law enforcement knows about these crimes, the easier it will be for them to combat future crimes.
- Have a recovery plan. Hopefully your business will not be attacked like Sony was, but it just makes good business sense to be prepared if it happens.