NZ can learn from the Baltimore cyberattack
NZ can learn from the Baltimore cyberattack
May 21, 2019
New Zealand can take lessons from Baltimore in the United States which until a few days ago, was offline following a ransomware cyberattack for more than a week, FintechNZ general manager James Brown says.
What does New Zealand need to do to prevent one of its major cities being offline for over a week, Brown says.
“What would the economic impact be if Auckland, Wellington or Christchurch went offline? It would probably run into billions of dollars.
“How would we react in New Zealand? Baltimore’s government rushed to take down most computer servers on May 7 after its network was hit by ransomware. Functions like 911 weren’t affected but after eight days, online payments, billing systems and email were still down.
“No property transactions were conducted in the week following the attack, exasperating home sellers and real estate professionals in the city of more than 600,000. Most major title insurance companies prohibited their agents from issuing policies for properties in Baltimore,” Brown says.
Eight Techweek events around New Zealand this week will focus on how to deal with cyber security and cyberattack issues.
The latest Baltimore attack comes just over a year after another ransomware attack slammed Baltimore’s 911 dispatch system, prompting a worrisome 17-hour shutdown of automated emergency dispatching.
In the attack last week, the hackers demanded 13 Bitcoins (about $92,000) by last Friday. Agents with the FBI's cyber squad are helping city technology employees try to determine the source and extent of the cyberattack.
Brown says small steps can be taken to
minimise the impact of a cyberattack in New Zealand.
“Some basic actions should be put in place straight away. Companies should install, use and regularly update antivirus and antispyware software on every computer used in their business and keep it updated.
“They should use
a firewall for their internet connection and make backup
copies of important business data and information – and
back up often.
“Businesses must control physical access to their computers and network components and secure their wi-fi networks. Companies should make sure their employees only have access to the data they work with and they should all regularly change passwords.
“According to the Kaspersky Lab, the average annual cost of cyberattacks to small and medium-sized businesses was more than $US200,000 in 2014.
“Most small businesses don’t have that kind of money lying around and, as a result, nearly 60 percent of the small businesses victimised by a cyberattack in the US close permanently within six months of the attack.”
Many of these businesses put off making necessary improvements to their cyber security protocols until it was too late because they feared the costs would be prohibitive, Brown says.