Are We Accepting Cyberattacks as the New Norm?

We're waking up every day to news of yet another cyberattack. It's almost as if we've grown accustomed to this digital onslaught. But should we?

Are we OK with cyberattacks every day? Is this the new norm? Would we be OK with a bank robbery every day? (Maybe we already are?)

Note: I started writing this last week and didn’t think this ordeal would still be ongoing. It’s been almost 2 weeks of impact.

The CDK Attack

Recently, CDK, a software company that according to their website is “Trusted by nearly 15,000 dealer locations”, was compromised and went completely offline. The impact is that all these dealerships got thrown back to the 1970s, doing everything by hand with carbon copies of credit cards and manual transactions for purchases. (Dumpster diving, anyone?)

Even worse, repairs and service have ground to a halt because they can’t order parts or look up history, resulting in millions of dollars of lost income and labor. The only upside is that local service shops and dealers not using the software got the business.

A Quick Impact Overview 

  • CDK was attacked twice, with a ransom in the millions of dollars to restore service

  • Huge costs to customers (dealerships), including thousands of hours of overtime for employees as well as lost salary for others, on top of lost revenue

  • Some estimates say 100,000 fewer cars could be sold in the month of June, or a 7.2% decrease in revenue

  • CDK and its executives may be subject to several lawsuits based on how it handled the incident and what measures it took to prevent it

  • Service is now slowly being restored according to an open letter by CEO Brian McDonald

Another Recent Significant Attack: Change Healthcare

Additionally, Change Healthcare was recently compromised, with a data breach on top, resulting in thousands of medical offices not being able to process billing and payments. Again, this resulted in manual work, thousands of hours of wasted time, and likely a severe loss to productivity and the bottom line. Not to mention incorrect billing. It’s bad enough when it’s fully automated (ever get a surprise bill?); imagine when it’s manual. 🤦🏼‍♂️

Are We OK With Being Hacked Every Day?

I heard this quote the other day while listening to Marketplace Money with the entertaining Kai Ryssdal, and even though, for many security folks, this kind of thought process or possible reality doesn’t surprise us, it was truly fascinating to hear an outsider say it.

This was the president of a dealership that was affected by the CDK hack:

“Something sort of accepted in today’s world, because we’ve had medical institutions hacked, we’ve had banks hacked.” Pres Tom Wallace (Marketplace 6/21/24)

I have to be honest, I was a little surprised to hear this. Maybe this person is just a nice guy.

So does that mean we’re now OK with this happening every day? It made me wonder: what if our bank was robbed, or more simply not available, every day? Would we be OK with that?

Bank Robbery Statistics

A quick google led me to a rabbit hole in the FBI statistics of Bank Crime. I decided to look at 2019 statistics, the last year before the pandemic. For the sake of argument, we’re going to stick to Commercial banks in the US. I’ve also included additional statistics.

Here are some numbers:

  • Total robberies - 2,160

  • Main + Branch Offices Affected: 2,368

  • Approximate number of branch locations in the US: 77,000

So with an average of 260 working days in the year, that would be about 8.3 robberies per day.

With 77,000 branches, that’s about a 2.8% chance that your local bank would be affected. Of course, what’s not here is that the likelihood of your branch being robbed will go up depending on many other factors such as metropolitan location. See excerpt below.

Bank Defenses

Before getting back to the main question, I would like to point out the defenses that banks employ.

Take a look at this list of bank defenses:

  • Alarm System 

  • Surveillance Cameras

  • Bait Money

  • Guards 

  • Currency Dye/Gas Packs 

  • Electronic Tracking Devices 

  • Bullet-Resistant Enclosures 

  • Access-Controlled Entry-Way 

  • Man Trap 

  • Teller Cash Dispenser

  • Cash Recycler Machine

These defenses, just like in cybersecurity, can be categorized as Detective, Preventative, and Corrective. This is all part of a defense-in-depth strategy.

SF Robberies Are Now The Norm

One other item of note that came to mind is the rampant amount of robberies that happened in San Francisco. In 2021, Walgreens had to outright close several locations due to rampant shoplifting. People were just walking into stores and taking bags full of medication.

Additionally, getting your car broken into in SF would happen on a daily basis. Go to any parking lot in SF and I guarantee you will see a family staring at their broken car glass in bewilderment of the theft. My car was broken into twice in the past 4 years. I’ve gotten good at vacuuming broken glass and getting it fixed quickly.

Have I accepted this as the norm? Yes and No.

It’s now the norm that thieves are everywhere and have become more aggressive. (How many people do you know had a catalytic converter stolen from their car, let alone from their driveway!)

However, I have not accepted that I shall be the victim of this crime unnecessarily.

As a result, I have leveled up my defensive strategies significantly to lower the likelihood of such an incident. Does it come at a cost of convenience? Yeah, sure, but it’s worth it. I also have communicated tips to others so they can be better prepared and employ preventative measures themselves.

Rejecting Cyberattack Normalization

As cyberattacks become increasingly frequent, it is imperative that we do not become desensitized to their impact. People’s lives are impacted here.

The CDK and Change Healthcare breaches are stark reminders of the vulnerabilities inherent in our digital reliance. Just as banks have fortified themselves against robberies, we must enhance our cybersecurity measures to protect against digital threats.

Accepting massively impactful cyberattacks as the norm is not an option; instead, we must strive to create a robust defense strategy, fostering resilience and vigilance.
