What if you were to go out of business this month?
The potential threats and associated risks are not a fantasy, but a reality
On the 17th of June, code-hosting and software collaboration platform company Code Spaces was shut down indefinitely due to a cyber-attack on their cloud hosting services.
Their final public statement read, “Code Spaces will not be able to operate beyond this point, the cost of resolving this issue to date and the expected cost of refunding customers who have been left without the service they paid for will put Code Spaces in an irreversible position both financially and in terms of ongoing credibility. As such at this point in time we have no alternative but to cease trading and concentrate on supporting our affected customers in exporting any remaining data they have left with us.”
What is Ransomware and how were Code Spaces hacked?
Code Spaces used Amazon's Cloud to provide a cloud hosted platform with support for code and software for their customers. The root cause of how the hacker became authorised is unknown to Code Spaces, but the hacker managed to gain the username and password to Code Spaces Amazon EC2 control panel and then left a number of messages for them to contact the hacker using a hotmail address.
When the Code Spaces team reached out to the hacker, the hacker held them to ransom asking for money in exchange for not destroying theirs and their customer’s data. Code Spaces tried to resolve the issue by changing passwords and removing the compromised account, but the hacker had created backup accounts, noticed what the Code Spaces engineers were trying to do and then proceeded to delete their data, backups, machine configurations and offsite backups.
Could this happen to you?
In short, yes - but in fairness, it could happen to any company. The level of damage inflicted would vary depending on each situation. Because of this, it is more important to focus on ‘how’ a company can resolve a similar issue, as this determines the difference between a successful mitigated response and bankruptcy or company closure.
What can be done?
A company can never stop this from occurring, since in today's cyber world, it is quite often not a question of if, but when. What you can do is implement preventive controls to help reduce the likelihood of such an event, as well as, implementing corrective controls to recover from such an event. .
A solid Information Security Management Framework, like ISO 27001 is a good choice in rolling out and monitoring such controls.
What else can help?
Attackers prefer to beeline for the weakest link in your security defences. In most scenarios, this tends to reduce down to human beings (i.e. you, me, your team, everybody). As such, training and awareness on best practice so staff are cognisant of such threats is another dimension to be layered on top of technical and procedural controls.