Citiraj:
Autor kopija
Pa da firma propadne i ljudi izgube posao?
|
Ha gle - možda ne da firma propadne ali da ostali znaju sa kime imaju posla. Jer iskreno ako rade tako loš posao onda ga ne zaslužuju. Ovaj put su samo dobili po prstima jer nije bilo eksploatacije baze podataka i ništa loše se nije dogodilo. Ali takve stvari se mogu okrenuti u jako lošem smjeru vrlo brzo...
Citiraj:
One password is believed to have been all it took for a ransomware gang to destroy a 158-year-old company and put 700 people out of work. KNP -- a Northamptonshire transport company -- is just one of tens of thousands of UK businesses that have been hit by such attacks. Big names such as M&S, Co-op and Harrods have all been attacked in recent months. The chief executive of Co-op confirmed last week that all 6.5 million of its members had had their data stolen. In KNP's case, it's thought the hackers managed to gain entry to the computer system by guessing an employee's password, after which they encrypted the company's data and locked its internal systems. KNP director Paul Abbott says he hasn't told the employee that their compromised password most likely led to the destruction of the company. "Would you want to know if it was you?" he asks. "We need organizations to take steps to secure their systems, to secure their businesses," says Richard Horne CEO of the National Cyber Security Centre (NCSC) -- where Panorama has been given exclusive access to the team battling international ransomware gangs.
A gang of hackers, known as Akira, broke into the company's system and demanded a payment to restore the data. "The hackers didn't name a price, but a specialist ransomware negotiation firm estimated the sum could be as much as 5 million pounds," reports the BBC. "KNP didn't have that kind of money. In the end all the data was lost, and the company went under."
|
Ja gledam sa svog stajališta kao IT-evca koji nema veze sa sigurnosnim odjelom ali baš zato što sam svjestan opasnosti za sustave koje administriram gledam da sve što implementiram bude bar kolko tolko sigurno nakon informiranja po netu i konzultacije sa dečkima kojima je to dnevni kruh i uvijek upozoravam klijenta na moguće posljedice ako idemo linijom manjeg otpora i "just do it". Ovak nekaj je ta firma trebala skužiti i barem pismeno prezentirati HEP-u zajedno sa prezentacijim potencijalno sigurnijeg riješenja. Ako bi onda to HEP-ov Management odbio, imaju barem opravdanje i čist obraz. Na ovaj način ili nisu skužili ili im je bilo svejedno. A to su najgori Informatičari i ne zaslužuju taj posao.