How to recover from a cyber-attack


June 4, 2021

How to recover from a cyber-attack

Successfully restoring 44 of our software application instances this week has been intense but satisfying work!
When one of our important customers contacted us recently about the recovery process after suffering a dramatically successful ransomware attack, the Kerryman’s response to being asked directions came immediately to mind (being from Kerry, I can smile at the joke!).

“well, I wouldn’t start from here anyway…”

Shocking is not a term I would use often or lightly in the course of our work. Although I had been well briefed, it still felt absolutely shocking to witness the breadth of the attack and the scale of the impact when the team actually got to work on recovering the various systems.

Cyber security has become a hot topic in recent years: in particular, the Solar Winds breach in the US last year put this on the agenda for a lot of organisations. IBM recently reported that the average cost of a data breach is $3.86 million as of 2020.

However, there is nothing like a real experience to focus the mind! The massive acceleration in digitisation and cloud adoption during the Covid 19 pandemic has increased the potential attack surface area for many organisations and most are still playing catchup in terms of disaster recovery and business continuity planning in this context.
I was very happy (and to be honest, relieved) that the three key components listed below were in place with our customer before the cyber-attack event – it might have been a very difference piece of recovery work had they not been in place! This was a substantial contributing factor for the quick and effective restoration of the systems and effectively supporting our customer during this emergency. The Kerryman joke about directions was the first thing that came to mind, but now at the end it is Conor McGregor’s quote after his brutally quick defeat of Jose Aldo in 2015:

“It has been a lifetime of work to get to that 13 seconds”

Admittedly it took a little longer than 13 seconds to recover our systems and there were moments when it might not have felt quite as serene a process as presented here, but the team had a quiet confidence throughout which was validated by the successful outcome.
Reflecting now on the experience, after quickly and effectively restoring our 44 software application instances earlier this week, 3 key elements emerge as essential ingredients that enabled the recovery process:

1. Operationalised security principles

Our customers have recognised and valued the fact that best practice security principles are fully integrated into our work practices. Our certified standards and accreditations such as ISO27001:Information Security Management and CyberEssentials reflect the fact that these principles are embedded in what MAPS do every day and in how MAPS work with our customers rather than vice versa. At MAPS, we don’t simply tick boxes to achieve standards accreditation. The team were particularly proud last year when MAPS became the first organisation in Ireland to be assessed and passed by the National Standards Authority of Ireland (NSAI) for the ISO27701: Privacy Management System.

2. Appropriate implementations

MAPS Business Process and Technology Solutions are always matched to the context in which they are used: they are designed and deployed with a minimum of dependencies while optimising the user experience.
Our software development team work with the latest technologies and apply security best practice advice referencing The Open Web Application Security Project (OWASP). This meant that our production systems were well structured and on the appropriate infrastructure which was very important for fast recovery.

3. Trusted partnership

When our team work with our customers, we strive to establish a trusted partnership relationship beyond the standard supplier relationship that they might be accustomed to. Experience over the past year during the pandemic has taught us that developing a collaborative working ethos with our customers is very effective. MAPS assess and advise objectively and only recommend our services and solutions where we have confidence that they are suitable. This means that when unforeseen emergencies demand clarity and appropriate intervention, we can have honest conversations with our customers and be of genuine assistance in a time of need. Some time ago we got the following very nice testimonial that captures this very well:

“To put it simply, I know I can rely on MAPS. The MAPS team spend the time necessary to understand what is required and how to make it work optimally. In those high octane moments, MAPS’ process oriented solutions give me confidence and peace of mind.”

Although the usual focus of MAPS work is to enhance Business Operations in order to make them more effective and efficient, the outcome of this work is a key component of good Disaster Recovery and Business Continuity Planning.
If you would like to explore how MAPS could work with you on a project related to this blog post, please get in touch here.


Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Do you have any projects?
Contact us.

How to recover from a cyber-attack

How to recover from a cyber-attack

img

Successfully restoring 44 of our software application instances this week has been intense but satisfying work!
When one of our important customers contacted us recently about the recovery process after suffering a dramatically successful ransomware attack, the Kerryman’s response to being asked directions came immediately to mind (being from Kerry, I can smile at the joke!).

“well, I wouldn’t start from here anyway…”

Shocking is not a term I would use often or lightly in the course of our work. Although I had been well briefed, it still felt absolutely shocking to witness the breadth of the attack and the scale of the impact when the team actually got to work on recovering the various systems.

Cyber security has become a hot topic in recent years: in particular, the Solar Winds breach in the US last year put this on the agenda for a lot of organisations. IBM recently reported that the average cost of a data breach is $3.86 million as of 2020.

However, there is nothing like a real experience to focus the mind! The massive acceleration in digitisation and cloud adoption during the Covid 19 pandemic has increased the potential attack surface area for many organisations and most are still playing catchup in terms of disaster recovery and business continuity planning in this context.
I was very happy (and to be honest, relieved) that the three key components listed below were in place with our customer before the cyber-attack event – it might have been a very difference piece of recovery work had they not been in place! This was a substantial contributing factor for the quick and effective restoration of the systems and effectively supporting our customer during this emergency. The Kerryman joke about directions was the first thing that came to mind, but now at the end it is Conor McGregor’s quote after his brutally quick defeat of Jose Aldo in 2015:

“It has been a lifetime of work to get to that 13 seconds”

Admittedly it took a little longer than 13 seconds to recover our systems and there were moments when it might not have felt quite as serene a process as presented here, but the team had a quiet confidence throughout which was validated by the successful outcome.
Reflecting now on the experience, after quickly and effectively restoring our 44 software application instances earlier this week, 3 key elements emerge as essential ingredients that enabled the recovery process:

1. Operationalised security principles

Our customers have recognised and valued the fact that best practice security principles are fully integrated into our work practices. Our certified standards and accreditations such as ISO27001:Information Security Management and CyberEssentials reflect the fact that these principles are embedded in what MAPS do every day and in how MAPS work with our customers rather than vice versa. At MAPS, we don’t simply tick boxes to achieve standards accreditation. The team were particularly proud last year when MAPS became the first organisation in Ireland to be assessed and passed by the National Standards Authority of Ireland (NSAI) for the ISO27701: Privacy Management System.

2. Appropriate implementations

MAPS Business Process and Technology Solutions are always matched to the context in which they are used: they are designed and deployed with a minimum of dependencies while optimising the user experience.
Our software development team work with the latest technologies and apply security best practice advice referencing The Open Web Application Security Project (OWASP). This meant that our production systems were well structured and on the appropriate infrastructure which was very important for fast recovery.

3. Trusted partnership

When our team work with our customers, we strive to establish a trusted partnership relationship beyond the standard supplier relationship that they might be accustomed to. Experience over the past year during the pandemic has taught us that developing a collaborative working ethos with our customers is very effective. MAPS assess and advise objectively and only recommend our services and solutions where we have confidence that they are suitable. This means that when unforeseen emergencies demand clarity and appropriate intervention, we can have honest conversations with our customers and be of genuine assistance in a time of need. Some time ago we got the following very nice testimonial that captures this very well:

“To put it simply, I know I can rely on MAPS. The MAPS team spend the time necessary to understand what is required and how to make it work optimally. In those high octane moments, MAPS’ process oriented solutions give me confidence and peace of mind.”

Although the usual focus of MAPS work is to enhance Business Operations in order to make them more effective and efficient, the outcome of this work is a key component of good Disaster Recovery and Business Continuity Planning.
If you would like to explore how MAPS could work with you on a project related to this blog post, please get in touch here.

CLIENT NAME


PROJECT TYPE

                       


Do you have any projects?
Contact us.

'