Cyber attacks and airline DR fiasco create rude wake up call signalling the end of Summer 2016


Two cyber attacks and a Disaster Recovery nightmare for a major international airline have caught our eye in recent weeks, reflecting the urgent need for business to pay attention to the smaller details as well as what lies in front of you.

Firstly, the matter of the Delta airlines DR fiasco in early August 2016.  What started as a small fire and power outage created a painful chain reaction, leading to 2,000 flight cancellations, millions of dollars of lost income and significant reputational damage.  At the technical heart of the story, 300 of the airline’s 7,000 servers were not connected to the backup power system. Remarkably, despite spending “hundreds of millions of dollars in technology infrastructure upgrades and systems, including backup systems”, Delta CEO Ed Bastian advised they were not aware of the vulnerability.  Huge comfort for Delta customers.  From a backup point of view, this omission is a basic error which belies lack of preparedness by Delta for business continuity and disaster recovery planning and testing.  Gartner’s data centre recovery and continuity analyst Mark Jaggers commented:  “A lot of people do disaster recovery testing around moving a workload between different sites, but once they have done that, do they go back and look for defects in the design of the systems that are there? I don’t know that many companies are doing that sort of testing after the fact or as part of a disaster recovery test”.  Added to this, the complexity of IT environments creates intricate interdependencies and it only takes one fault or human error to trip up.

Secondly, mid August produced the news that FTSE 100 accounting software firm Sage had suffered a data breach following unauthorised access of a login. Whilst unknown as to whether the source was internal and external, the result caused exposure of personal details and bank accounts relating to around 300 UK companies. The cost:  Sage’s share price tumbled in the early days by 4.3%.  The remedy – due diligence around access privileges to logins if an internal attack, or more complex credentials across different sites and systems used if a ‘reluctant insider (ie. a user whose individual user username and password(s) have been breached unwittingly).

Finally, the end of August 2016 drove a chill through the spine of the cloud storage market with news of the true extent of a breach by hackers believed to have originated in 2012, where account details of over 60 million Dropbox users was reported.  Dropbox’s remedy of forced password resets has now completed.  However, whilst the data dump did not appear to be listed in the main dark web marketplace where the data would be traded, reports are being made that the data is already in the possession of 3rd parties.  The remedy secure complex passwords which are changed regularly.

Assurance derives from MSPs with connected thinking on data security services.  Amicus ITS MD, Steve Jackson commented: “Organisations should review their mission critical business areas and processes to ensure they have up to date and tested security policies, procedures, staff education and strategy.  Annexing cyber security services like FoxcatcherTM and Amicus ViperTM with our Data Backup & Replication service and an analytics driven approach, creates Cyber DRaaS. This will be the future direction for companies to consider and a service which we are currently developing”.  Failure to take such positive steps mean that companies which might have sought to rely on remediation and recovery alone, will realise that the fallout from capital value from loss of brand confidence, trust, plus financial penalty is just too heavy a burden.

The ‘hokey kokey’ of the Referendum debate

graph 2

With June 23rd closing in upon us, political ping pong seems to be the order of the day.  With so many mixed messages in the market, it is difficult to see the wood from the trees.

As we are all aware this is obviously a personal decision, but I believe one that should be based upon facts not political point scoring around the pros and cons of a Brexit decision.

We are given some estimates suggesting the total economic cost of EU membership is around 11% of our annual GDP at around £200 billion.  Some say this money would be better spent on new British industries.  It is also stated that the EU is one of the world’s largest markets, accounting for 25% of global GDP.

The interesting point is that it is said that the EU is our biggest trading partner, with 45% of the UK’s exports to the EU, and 50% of all imports are from the EU.  You could argue that our membership makes us a more attractive destination for foreign investment.  Figures from 2012 show we received around £937 billion of Foreign Direct Investment, while 50%  of UK FDI is EU-related.

It is thought by ‘Brexiters’, we can independently pursue international trade deals with China, India and the US, this may well be true, but there is nothing stopping us today, or is there?

It is said that the EU has many layers of bureaucracy and regulatory issues.

I see that Nigel Farage believes we could strike an agreement with the EU that is similar to Norway’s, having access to the EU but not being bound by it.

And not to mention the most charged debate around the immigration effect on the country.

When I questioned my professional colleagues, it is very clear to me that they all have differing opinions, some to stay in and some to exit, both parties putting up convincing arguments and as far as I can see neither is wrong and there is value in both.

One thing that is understood is that we are all aware of where the EU has taken us as a country since 1972, but what will exiting deliver and where would this untrodden ground take us?    In reality, nobody knows.

map 1

I therefore question what the real issues are and whether we are being given all the correct facts, plus what are the motives? Will we ever understand what it will mean to us before we are asked to vote in 27 days time, or will we all be simply voting upon minimal information based on a favoured approach by our local MP’s – and on the basis of a set of reforms negotiated by Prime Minister David Cameron, be they weak or strong?

As an IT Managed Services Provider we could sit on the fence, however for a few of our customers, it could have major repercussions if we left the EU.

What do you think?  How might it affect your business?