Picture: 123RF/WELCOMIA
Picture: 123RF/WELCOMIA

It is rumoured that President Vladimir Putin writes all his memos by hand.  The reason is simple: you cannot hack a piece of paper. The only risk is that some Kremlin lackey loses the piece of paper (no doubt to be followed shortly by his accidental fall from a tall building).

Whether the rumour is true or not, the reality is that the only way to avoid being hacked is to not connect with the cyberworld.  However, this is simply not possible for any business operating today.  The result is the often-repeated mantra that there are only two types of businesses: those that have been hacked and those that will be hacked. 

Despite this threat, more and more companies pride themselves on their progress towards greater integration of their systems and the Internet of Things (IoT) or the so-called fourth industrial revolution (4IR).  As they do, they leave the analogue world further and further behind. 

Historically, most cyberattacks were aimed at accessing a company’s database.  As a result, businesses have naturally focused on protecting their data and creating parallel data storage and recovery centres.  However, the increased integration of digital systems has allowed cybercriminals to open new and more lucrative opportunities for hacking.  As a result, cybercriminals are increasingly focusing their attention on denial of service attacks, which shut down a company’s entire IT system.  Companies have to then either pay a ransom to remove the lock on their system or find a workaround.

A further disturbing trend is that cybercrime has moved from individuals in the cyberunderworld to state-sponsored actors.  Businesses are a soft target for states looking to destabilise their enemies.  The recent hack on the privately owned Colonial Pipeline in the US disrupted the supply of 45% of the fuel for the whole of the east coast of that country.  Speculation is rife that Russian proxies are to blame.  This follows the SolarWinds hack, also widely attributed to Russian state-sponsored hackers, who targeted a company that supplied about 33,000 customers, including some US government departments, with IT management software.  The spyware embedded in the SolarWinds software served as a convenient back door to otherwise hyper-secure government systems. 

Cut off from access financial markets, North Korea is rumoured to have stolen or extorted billions of dollars through cyberattacks to fund its regime and gain access to technology designs.  Famously, North Korea has also been blamed for shutting down the IT infrastructure of Sony Pictures, seemingly out of revenge for the release of a film parodying Kim Jong-un. 

In March, the White House said Chinese hackers were actively targeting Microsoft Exchange servers, leaving behind possible back doors to return to later.

SA is certainly not immune to cybercrime.  According to an Accenture report, SA had the third-highest number of cybercrime victims of any country in 2019.  Liberty, Life Healthcare, PPS, Momentum Metropolitan and Experian are some of the businesses, stated publicly, to have been targeted.  The City of Joburg was hacked by a group called the Shadow Kill Hackers, who demanded a ransom payment in bitcoin. 

The pandemic has increased the vulnerability of business IT systems as staff work from home and link in to the company from less than secure environments, often using unsecure personal computers.

Most companies are simply not able to afford to maintain a duplicate secondary system that operates independently of its primary system and that can go live at any time.  At the same time, how many companies have left the analogue world so far behind them that they cannot operate when faced with a total or even partial loss of their IT systems? 

Which brings us back to my “Putin solution”.  On a recent trip back from a neighbouring state, I arrived at the airline check-in counter to find that the systems were down. Steeling myself for hours of delay, I was surprised when the check-in attendant reached into a drawer for a carbon copy book (look it up, millennials) and wrote out my boarding pass and luggage tags.  More by accident than by design, the lack of resilience of the computerised check-in system was such that the airline could not afford to let go of the analogue world.  As a result, the flight left on time. 

A less comforting story was a trip to New York in 2016 when all flights of a major US airline around the world were grounded due a systems problem.  Every single component of its computer system was affected and shut down: ticketing, boarding passes, cargo, take-offs and landings, plane scheduling, ground crews, plane crews, maintenance, seating, upgrades, suppliers, payments.  To this day, the airline contends this was due to a power failure at a control centre, but speculation remains rife that the cause was a computer hack.  Irrespective, the complete dependency on a computer system meant there was no ability to cope without it and it took many days for it to restore normal flight scheduling.

The future of cybersecurity may well therefore be to not completely let go of the analogue world.  This may be as basic as ensuring that your staff have phone communication (not dependent on the internet), pen and paper and printed forms and manual credit card machines (remember those?) – oh, and keys to the front door.  The ability of a business to continue operating, even in the most basic of forms, will seriously undermine those looking to extract a ransom. 

Companies looking to gear up for 4IR are well advised to determine the extent to which they the leave the analogue world behind.  The cybercriminals and their state sponsors certainly are doing so. 

*Shaun Read is the CEO and founder of Read Advisory Services

subscribe

Would you like to comment on this article or view other readers' comments?
Register (it’s quick and free) or sign in now.

Speech Bubbles

Please read our Comment Policy before commenting.