Somali Pirates hijacking container ships for ransom on the high seas were a massive threat barely half a decade ago.
It was so shocking that three or four people in wooden boats with AK47s could overrun giant container ships they even made a movie about it starring Tom Hanks (Captain Philips). Today piracy off the African coast of barely exists. Whilst the total cost of piracy was $7Bln in 2011 with 151 vessels attacked and 47 successful hijackings in 2011, by 2013 there were only nine attacks recorded. The adoption of best management security practices by vessel owners and crews, including armed private security on-board ships, a significant naval presence, and the development of onshore security forces made the difference.
In short, it was a proactive approach by the industry using all means necessary that ended the threat.
Cyber Piracy is the new global threat. Companies are the modern-day container ships. Cyber criminals operating anonymously are the protagonists, wielding crypto-weapons, not AK47s.
With all the media furore over the last six weeks surrounding global ransomware outbreaks (WannaCry and the Petya Worm Variant) which largely struck organisations randomly, it’s easy to lose sight of a major incident last month of cyber piracy where criminals targeted and took over an entire business with ransomware, demanding $1.62m to release the business back to its owners.
South Korean web hosting firm NAYANA was hit with a Linux ransomware attack that demanded an unprecedented 550 Bitcoins (BTC) or $1.62 million. The attack occurred on June 10 and by June 14 the company had negotiated down to the ransom to 397.6 Bitcoin, nearly $1.01 million, to be paid in three instalments, according to a June 19 blog post by Trend Micro.
The threat actors used the Erebus ransomware to infect 153 Linux servers and 3,400 businesses sites hosted by NAYANA. This is not random. This is targeted Cyber Piracy. NAYANA are not the first and will not be the last.
We are in an era where any organisation could come into the sights of cyber pirates. And everyone has been warned. Reacting after the event is no longer an excuse that cuts it around the Boardroom table. Boards and Executives will be held accountable for how they manage this clear and present risk.
Just as the Somali Pirates were defeated by proactive measures, the same is true of cyber piracy. The essential ‘peace time activities’ are: Knowing what assets are important to you and how they are at risk, assessing your current defensive capabilities, exposing your gaps and remediating them, and securing the services of cyber security specialists who can deploy best practice defences.
When an attack comes, incident detection and response falls at the heart of the matter. The ability to monitor environments and assess threats in real time, skilled staff in a Security Operations Centre, together with a well-drilled incident response plan and forensic capability, are a proactive solution that every business should consider.
If more businesses took a proactive approach to cyber security – just like the global shipping industry did – we may also collectively make cyber piracy a thing of the past.