News & Events
What prompted me to write this article is a recent story published by the BBC of how the Bangladesh Central Bank lost over $100 million to hackers. It turned out that the bank’s system was protected only by a cheap internet router with no proper firewalling services built in – the type that many businesses still run in NZ.
I have long and consistently urged my clients to be careful about cyber security. This is because where I sit I come to hear of a lot of risk-taking and actual losses incurred by businesses through cybercrimes. Consider the following statistics:
- Over 856,000 New Zealanders were affected by cybercrime each year, costing at least $257m in 2015
- An average of 25 attacks per day happened last year, causing $13m in damage – up 68 per cent
- For one email platform, nearly 70 per cent of all email was identified as spam or malware. And this is not uncommon. Most businesses don’t realise this because their email host filters out 99.99% of this offal.
- A US study has found 60 per cent of small businesses went out of business within six months of a data breach.
The majority of the issues arise from momentary lapses of attention. It can be very hard to beat the cybercrime perpetrators because they are often very brilliant at what they come out with. For example, ransomware writers are sending out more and more innocent looking messages that even the most seasoned cyber-detectives are having difficulty differentiating from legitimate emails.
However, there is one source of vulnerability that is extremely commonplace and simple to protect against but which, from my observation, is not well managed in many organisations. I am referring to the firewalls that many businesses use to secure their networks from external strikes.
Running a basic home firewall at your business today is identical to driving without seat belts on.
For many businesses, the first firewall they had ever installed was the basic home variety firewall/router that used to be given away for free when anybody signed up for an internet connection back in the early days. These devices have very basic firewalling support such as port address translation and basic NAT. In the pioneering days when the internet first appeared, cyberattacks were unsophisticated and few and far between. Even the most rudimentary firewall provided sufficient shelter.
Most businesses, not knowing what risks they took, replace the last firewall with another firewall of the same genre as the older one packs up. They are therefore perpetuating the vulnerability from one replacement cycle to the next.
Unfortunately, over the decades the complexity and frequency of cyberattacks has mushroomed. In the last five years especially, we have seen unprecedented increases in the volume, forms, and intricacy of such outbreaks.
If you are running one of these firewalls, or if you are not sure, my advice to you is to urgently have someone review if that device is giving you sufficient protection.
Running a basic home firewall at your business today is identical to driving without seatbelts on. You get wiped as soon as an accident occurs.
If you are running one of these firewalls, or if you are not sure, my advice to you is to urgently have someone review if that device is giving you sufficient protection. In my travels I have seen far too many of them still in active service.
If you need any help with checking if your firewall or other security defences are fit for purpose for your business, please just request a FREE audit by our security specialists at HTG.