Hit me when I’m down – The gloves are off in cyber attacks
We all know in boxing that you cannot hit below the belt as well as hit someone when they are on the canvas. Sadly, in the world of IT security and hackers there are no such rules. Watching the recent real world events in the banking world, we have seen a number of banks hit with cyber attacks in the run up to the Christmas period. Consumers relying on payments and being able to make purchases have been disrupted, dare I say, yet again. Poor old RBS group and especially NatWest seem to have taken the brunt of the hits in the past weeks (NatWest, Ulster Bank)
Recent surveys have actually shown the banks do quite well at repelling the online invaders BBC – How banks contain the threats from cyber criminals but even a small amount of space will give attackers a wiggle room to exploit vulnerable sites. What is most interesting in the recent NatWest episode is not the initial attack that took them off line but the sustained cyber attacks after. One might suggest that the period after an attack is possibly now the most dangerous for an organisation. It is not surprising that after any hard hit, IT and security departments will be racing to get back on-line as soon as possible and the attackers know that the internal escalations will be placing pressure on the community to just get back online. It does not take much to imagine that in getting back online some corners maybe cut, leaving a firm vulnerable to follow up cyber attacks and actions. This has been clearly the case with the recent Natwest history.
There is a moral here perhaps, that if you are down expect to be hit further and ground into the canvas. Paramount importance should be placed on weighing the tough decision of getting back to your customers asap versus playing safe. Perhaps it is not the time to cut corners however hard you feel pressured. Like a downed boxer uses the time on the canvas to recover strength and make sure you are ready to stand up and fight again.