‘It takes an island to secure an island…’

Matt Palmer, Head of Jersey's Cyber Emergency Response team. Picture: JON GUEGAN.

Sponsored Content

MENTION the phrases ‘network patching’, ‘cloud solutions’ or ‘multi-factor authentication’ and the chances are that unless you are talking to an IT professional, you will receive a blank stare.

But far from being part of some mysterious vernacular, known only to a chosen few, these terms relate to an issue which, according to the director of Jersey’s Cyber Emergency Response Team, affects everyone in the Island.

‘I always say that it takes an island to secure an island,’ explained Matt Palmer, who joined Cert.je when it was founded last year.

‘While cyber is a difficult area to manage, it is absolutely essential that everyone does their bit to protect not only their own data systems but, in turn, the wellbeing of Islanders and the security of our economy.’

And, with cyber-breaches and hacking attempts having increased significantly in the past year, Mr Palmer says that it has never been more important to tackle this issue.

‘Following Russia’s invasion of Ukraine, the cyber-risks that we are facing are greater than ever,’ he reflected. ‘While many organisations have established security controls in response to risks of attack from individual hackers or small cybercriminal networks, we are now dealing with a completely different level of threat from advanced nation states.

‘This is a very real threat as, in some cases, these nation states are closely aligned to cybercriminal networks and hacker groups. Russia, for example, is known to work closely with such organisations to achieve its outcomes. As countries are placed on Russia’s “unfriendly” list, this becomes a sign to such criminal networks that Russia might like to see more attacks in western Europe. That information is circulated between hacker groups and on dark-web forums, creating a direct challenge to local businesses.’

While the aims and styles of the attacks vary, Mr Palmer says that their consequences can be catastrophic for businesses and citizens.

‘The NotPetya ransomware attack a few years ago was aimed at Ukrainian accounting software but, within days, it had a global impact, taking out companies large and small,’ he said. ‘Another more recent example of an attack on ViaSat’s KA-SAT network impacted much of Europe, with satellite networks taken out across the continent.’

While the impact of these incidents may not have been too devastating for many individuals, other cyber-attacks have had potentially life-threatening implications.

‘Only last year, there was a major ransomware attack on the Health Service Executive of Ireland, which caused all of its IT systems nationwide to be shut down,’ said Mr Palmer. ‘At the time, this attack was described as having “severely disrupted healthcare in the country” but the consequences could have been much worse.

‘We have also seen attacks in which communication services have been wiped out, water supplies have been polluted and electricity supplies have been cut, all of which underlines why protecting ourselves against cyber-attacks is so important. This is not just about data but is about safeguarding the wellbeing of our community and the sustainability of our economy.’

And while the above examples reference incidents in Ukraine, America and Ireland, there are, says Mr Palmer, several attacks taking place locally every week.

‘It is very easy to think that, as we are a small island, cyber-attacks will not happen here,’ said the Yorkshire-born father of two. ‘However, that is not the case. They happen here all the time. Just last week, for example, I was involved in the response to two attacks on Jersey firms, both in the same industry.’

While such attacks often remain out of the public domain, reporting these incidents to Cert.je is, says Mr Palmer, essential for raising awareness of the threats and helping businesses to protect themselves.

‘There is a view that people don’t want to share details of such incidents because they could be embarrassing,’ he said. ‘However, by sharing the lessons and highlighting attacks with us, we can give advice and help both the affected business and other organisations to defend themselves.

‘For example, last year, we had a couple of reports of an attack focused on the legal sector. Because we were aware of the situation, we were able to contact all local law firms to notify them of the risk. As a result of that communication, a further three firms found that they had been targeted by the same attack and they were able to respond, which prevented the malicious action from succeeding.’

While stressing the importance of protection and security, Mr Palmer acknowledges that, as cybercrime is such a ‘complex environment’, response remains a critical part of organisations’ work.

‘The only way to reduce the risk is to implement appropriate levels of protection and security,’ he said. ‘But we have to recognise what we are up against. Cybercrime is one of the largest industries in the world, with a value greater than that of many national economies. Because of that, the perpetrators are happy to invest time and resources in each attack.

‘Often, a reconnaissance mission takes place first to identify an organisation’s vulnerabilities, social-media profiles and staff members. This information will then be sold on the dark web to another cybercriminal who may then carry out the attack or sell the information to someone with an interest. The vast majority of attacks can be bought online.’

And, with money a key motivating factor for many among the cybercrime fraternity, ransomware attacks are particularly prevalent.

‘Globally, in about 66% of cases in which organisations receive a ransomware attack, they choose to pay, and we have also seen a number of local businesses pay in these situations,’ said Mr Palmer. ‘However, you have to question whether it can be right to pay for a digital attack. Very often, the propagators are groups aligned with terrorist cells or countries such as North Korea, so any money you send is going to people who will use those funds to attack you or others in the future.

‘There is also no guarantee that, after paying the ransom, your systems will be restored in a timely manner. And, even if you appear to get your data back, can you trust those systems any more? Would you knowingly restore data provided by a criminal group and how would you communicate that to your customers?’

Again, for Mr Palmer, the core message comes back to protection and prevention being better than cure.

‘This demonstrates the importance of having the right controls in place and having your data backed up away from your network so that even if your whole network is compromised, you can still restore all your data,’ he said.

To help businesses and organisations to navigate this complex area, Cert.je has partnered with a number of local firms to mark Cyber Security Awareness Month.

‘In partnership with organisations such as Jersey Business, Jersey Finance, the Jersey Financial Services Commission, Government of Jersey, the Jersey Office of the Information Commissioner and Digital Jersey, we have planned a comprehensive programme of events to take place throughout October to give people the tools to respond to the threats we are facing,’ explained Mr Palmer.

‘While many people may find the thought of cybersecurity overwhelming, effective protection doesn’t have to be expensive or complicated. Although there is no silver bullet or blanket solution, the worst enemy of security is complexity. The harder a system is to manage, the easier it is to find vulnerabilities. For almost all organisations, making good use of the cloud is a really effective way to increase security. This, coupled with good housekeeping, including patch systems and multi-factor authentication, will go a long way towards securing systems.’

While in these cases the onus is on businesses and organisations to secure their systems, Cert.je is also working with the government and critical-service providers to identify the greatest security risks – and responses needed – facing the Island.

‘The fact that, as an island, we run our own critical infrastructure – including health, transport, government, social services and utilities – means that we face significant security risks,’ Mr Palmer said.

‘Critically, we need to understand what these risks are and prepare for them by having the right approaches and protocols in place. Accordingly, we have set up CTAC – a cyber technical advice cell – which is designed to provide technical advice on responding to a cyber-attack in much the same way as STAC advised the government on how to respond to the Covid pandemic.

‘Last November, we also carried out a series of incident response exercises with the government and critical-service providers to work out how we would respond to an attack. Action like this is critical for ensuring that we operate the right controls across the Island.

‘As I said before, it takes an island to secure an island. Without good cybersecurity, we cannot build the future we want for the Island.

‘It is therefore vital that every business and organisation steps up and ensures they have the right level of security in place and are willing to share their experiences so that, together, we can build a community shield to protect one another.’
