10PM. Do You Know Where Your Data Are (Is)?
Monitoring your data supply chain, before you wind up on an extortion site...
From the late 1960s well into the 1980s there was an often mocked Public Service Announcement that would run just before the 10:00 PM News. The spot was just a few seconds long, showed the above (original) graphic and the iconic phrase was spoken in a deep baritone voice.
This was in a time when kids were, generally, able to play more freely, usually “until the street lights came on.” And it was supposed to serve as a reminder that parents should know where their kids are.
The same message can be applied to our data today. We all got a stark reminder this week when CloudNordic was the victim of a ransomware attack that included not only their customer data, but secondary and tertiary backups. This means that all customer data is, effectively, unrecoverable, especially since CloudNordic is doing the right thing and refusing to pay the ransom.
But, the truth is, we have been reminded of this all summer thanks to Cl0p’s MOVEit breach. According to TechCrunch, more than 1000 victims have been announced and more than 60 million victims have had data exposed in this breach.
We all need to get better at monitoring our data supply chain. If asset management is a challenge for many organizations, then data management is a nightmare. Asset management is almost always a function of IT, but every part of an organization creates and manages data. On top of that, much of the data created in a modern organization is outsourced to second, third and fourth parties.
This means, as many companies are finding out from Cl0p’s MOVEit attack, that even if you do everything correctly, a ransomware or data theft attack on one of your supplier’s suppliers could leave your company exposed.
Levi Gundert talks about these challenges of monitoring and managing third- and fourth-party risk in this post. With data extortion increasingly important to ransomware groups (and many testing out the data-extortion-only model), knowing where your data is being stored, how it is being protected and planning for what to do if that data is exposed is important for all organizations to consider.