Story image

Tackling NZ cybercrime in 2017: Why recovery is just as important as prevention

10 Feb 2017

Cybercrime is nothing new. Every year, businesses across New Zealand are hit by some sort of virtual attack. Although Microsoft's Malware Infection Index 2016 ranked New Zealand 18 out of 19 Asia Pacific markets, the idea that businesses are safe is wrong. According to Keshav Dhakad, head of Digital Crimes Unit at Microsoft, the "Internet has no boundaries" and every business, including those in New Zealand, are vulnerable.

In fact, a recent story on CIO highlighted just how sophisticated the world of cybercrime is becoming. With big money to be made from hacking into a company's database and stealing sensitive information, scammers are now attempting to dupe the hackers. Selling everything from fake databases to made-up credit card information, scammers are posing as legitimate hackers in an attempt to make money from those in the virtual underworld.

Hacking is Becoming a Complex Industry

In response to the recent surge in scammers, a new database called has been set up. The idea behind it is to store a list of known scammers so that cybercriminals can avoid them in the future. Aside from giving cybercriminals a better insight into the rats in their own community, the site is evidence of how hacking is now an industry and not a pastime. If that's the case, businesses need to be even more vigilant.

Naturally, everything from web application firewalls, passwords and levels of access should all be a standard for any business with an online presence. However, what if it all goes wrong? What if a hacker does manage to break through your defences and access your company's sensitive data? According to data security company Incapsula, a disaster recovery plan (DRP) is not only essential for responding to these situations, but for helping to prevent them.

Learning How to Recover is Crucial

As defined by Incapsula, DRP is the process of responding to a disaster scenario in such a way that it supports "time-sensitive business processes and functions" and maintains "full business continuity." From a preventative perspective, a DRP gives businesses a clear idea of what risks it can face in the virtual world. Indeed, before defining what steps need to happen in order to recover from a disaster, a company first needs to know what potential disasters are out there.

Once your system is compromised and in a "disaster" state, the strategy you then use will be dependent on whether you're concerned about how long your service is offline (Recovery Time Objective - RTO) or how old data is handled once you're back online (Recovery Point Objective - RPO). Naturally, cost and practicality will affect a company’s DRP. For example, a "hot-hot" system using synchronous replication will ensure that a system is 100% synchronised at all times. This means that in the event of an attack, a parallel system kicks in so that your service stays online.

Small Businesses Can Also Afford a Recovery Plan

However, this method is resource intensive and, therefore, something that smaller businesses may not be able to afford. As an alternative, semi-synchronous replication will only kick in once a series of changes have been detected. If a company can afford some loss of data or downtime, this sort of system can be effective as it gives them just enough breathing space to recover and get back online without being too costly.

Whichever way you look at it, cyber security is essential for New Zealand businesses and a DRP is an important part of a complete strategy. Indeed, with The Herald reporting that cyber-attacks have more than doubled over the last five years, businesses across the country can't afford to take any risks. Although DRPs might seem like something only the biggest companies need to worry about, it's worth remembering that data from any source can be valuable for a hacker.

Better data management: Whose job is it?
An Experian executive’s practical advice on how to structure data-management roles within a modern business environment.
Platform9 and Intersect partner to bring unified cloud to A/NZ
“For Intersect, Platform9 represents the single most strategic solution to a set of challenges we see expanding across the board."
Meet the future of women in IT
Emily Sopers has just won Kordia’s first ever Women in Technology Scholarship, which was established to address gender imbalance in the information and communications technology (ICT) sector.
Web design programmers do an about face – again!
Google is aggressively pushing speed in the mobile environment as a critical ranking factor, and many eb design teams struggling to reach 80%+ speed scores on Google speed tests with gorgeous – but heavy - WordPress templates and themes.
Digital spending to hit US$1.2 trillion by 2022
A recent study by Zinnov shows that IoT spend reached US$201 billion in 2018 while outsourcing service providers generated $40 billion in revenue.
'Iwi Algorithm' can grow Aotearoa's mana
Ngāti Whātua Ōrākei innovation officer Te Aroha Grace says AI can help to combine the values from different cultures to help grow Aotearoa’s mana and brand – and AI is not just for commercial gain.
Dropbox brings in-country document hosting to A/NZ & Japan
Dropbox Business users in New Zealand, Australia, and Japan will be able to store their Dropbox files in-country, beginning in the second half of 2019.
Why 'right to repair' legislation could be a new lease on life for broken devices
“These companies are profiting at the expense of our environment and our pocketbooks as we become a throw-away society that discards over 6 million tonnes of electronics every year.”