ASCO Industries Falls Victim to Ransomware

Help Net Security reported yesterday that ASCO Industries, an aerospace manufacturing company, was impacted by a ransomware infection severe enough for them to suspend their manufacturing operations around the globe.

It continues to amaze me how effective ransomware is at grinding business operations to a halt. Ransomware isn’t new by any means; however, organizations don’t seem to be taking the threat seriously. Employees remain extremely vulnerable to phishing tactics that often let malware into the network; however, IT departments should be more prepared for this sort of outbreak than they seem to be. Ransomware should be curable with a quick restore of infected systems, and then you’re back online. User workstations? Re-image and call it a day.

The blame here does fall on the IT organization themselves for being ill-prepared. I don’t pretend to be knowledgeable about the ins-and-outs of ASCO Industries’ IT environment, but today’s hyper-connected world demands that IT professionals rise to the call of taking reasonable measures to protect their environment. We’re not talking about anything crazy, just common protective measures such as:

  • Backups of all servers to meet RTO/RPO as determined by business needs.
  • Endpoint protection – a reputable antivirus and intrusion prevention solution. It won’t catch everything but it is still an absolute necessity.
  • A segregated network. In this specific example it seems logical that the manufacturing network should be separate and more locked-down than other client networks – so why was the production line impacted?
  • An incident response plan: so a workstation does get infected, what do we do? This doesn’t have to be rocket science; it might be as simple as disconnecting the station from the network until it is re-imaged.
  • Security awareness training. This is no longer optional – staff need to be trained on threats such as phishing, social engineering, and basic information security concepts.

The biggest problem that I’ve seen is lack of urgency on the IT organization’s part to accomplish these bare minimums. It may also be influenced by insufficient understanding (and maybe lack of proper budget allocation) from the C-level executives in the organization. One thing I’m sure of is that the folks at ASCO Industries are re-evaluating those priorities right now.

Data Backups: Can you rely on tape?

Almost every small business that I’ve had a chance to work with has used tapes as their primary means of backing up data (the others have had no backups or no data to back up). Tapes are used widely for several good reasons: they can be stored and archived for many years, they are fairly inexpensive, easy to rotate, and many backup software packages are designed around the use of them. But have you ever had to restore from tape? It’s a tedious process. First, you have to find the tape (or tapes) that has the data you want to restore from (hope you’re labeling them well!), then you have to catalog it, then you have to mount and restore it… something that should be so simple can actually be an excruciating process. After all of that (and the time it takes if you’ve been there) you had better hope that the backup was tested, otherwise it may not even restore properly. What if your business is completely down until the restore is done? That would make for a very stressful day.

In my opinion, tape is a legacy technology. Disk and flash storage are so affordable these days that companies can easily purchase storage capacity that can exceed the amount of space that they have with tapes. This can translate to faster and more reliable backups, longer retention periods, and more available space for future growth. Restores are usually completed faster, too. Interested in a hybrid model? Tapes can still be a good means of off-site archival. Or, you can look into cloud-based backup options or even offsite disk-based backups. The options are out there, but you have to make the choice for the backup solution that is best for your business.
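
An added example, not part of the original posts: one way to check the two backup points made above (backups that meet RPO, and backups that have actually been restore-tested) is a small audit over the backup catalogue. The server names, RPO values, catalogue layout and 30-day test policy below are all assumptions, and the sample records are constructed.

```python
from datetime import datetime, timedelta

# Constructed sample catalogue: one record per backup job run.
# "verified" means a test restore of that backup completed successfully.
CATALOG = [
    {"server": "erp-db",   "finished": "2019-06-12T23:10", "ok": True,  "verified": False},
    {"server": "erp-db",   "finished": "2019-06-05T23:12", "ok": True,  "verified": True},
    {"server": "file-srv", "finished": "2019-06-12T01:30", "ok": False, "verified": False},
    {"server": "file-srv", "finished": "2019-06-09T01:28", "ok": True,  "verified": False},
    {"server": "mes-hmi",  "finished": "2019-06-12T22:00", "ok": True,  "verified": True},
]
# Assumed RPO per server, in hours, as agreed with the business.
RPO_HOURS = {"erp-db": 24, "file-srv": 24, "mes-hmi": 24, "mail": 12}
MAX_TEST_AGE = timedelta(days=30)  # assumed policy: restore-test each server monthly


def audit(catalog, rpo_hours, now, max_test_age=MAX_TEST_AGE):
    """Return {server: [findings]} for servers that miss RPO or lack a recent test restore."""
    findings = {}
    for server, hours in rpo_hours.items():
        # Only successful runs count; a failed job protects nothing.
        runs = [(datetime.fromisoformat(r["finished"]), r) for r in catalog
                if r["server"] == server and r["ok"]]
        problems = []
        if not runs:
            problems.append("no successful backup")
        else:
            newest = max(t for t, _ in runs)
            if now - newest > timedelta(hours=hours):
                problems.append("RPO missed")
            tested = [t for t, r in runs if r["verified"]]
            if not tested:
                problems.append("never restore-tested")
            elif now - max(tested) > max_test_age:
                problems.append("restore test stale")
        if problems:
            findings[server] = problems
    return findings


if __name__ == "__main__":
    for server, problems in audit(CATALOG, RPO_HOURS, datetime(2019, 6, 13, 9, 0)).items():
        print(f"{server}: {', '.join(problems)}")
```

A server listed in the RPO table but absent from the catalogue (here `mail`) is reported as well, which catches systems that were never enrolled in backups.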