Find news and information for the executive corporate security director, CSO, facility manager and assets protection manager on issues of policy, products, incidents, risk management, threat assessments and preparedness.
Issue link: http://sdi.epubxp.com/i/835749
June 2017 www.SecurityInfoWatch.com / Security Dealer & Integrator 19 Most security experts do not recom- mend supporting these terror orga- nizations by paying them, as it leads to further risk of additional attacks and promotes the criminal mindset of the ransomware industry. But the fact is, without appropriate data backups, organizations are le with little choice. Ransomware attacks are growing in frequency, causing devastating con- sequences to organizations across the globe. Numerous, widespread breaches around the world occurred prior to WannaCry, but the event has served as another wake-up call to the end-user community across the globe. But what does this mean for security integrators and their role in creating a viable, proactive plan and strategy to combat ransomware for clients? The Physical Security Target Are physical security systems now emerging as a major target of ran- somware attacks? e stark truth is that anything riding on the network is at risk. Physical security systems are vitally important to daily operations of every organization. At many facilities, any downtime of these systems may significantly affect the safety of people, property and assets. As an example, mass notification systems are widely used to commu- nicate emergency information to stu- dents, staff and visitors across a cam- pus. ey deliver messaging during active shooter situations, lockdowns and potentially deadly weather phe- nomena – and communications must reach recipients quickly and success- fully. If ransomware was to wreak havoc on critical communications like mass notification, users would not be able to send or receive information or instructions, putting the people under their protection at significant risk. In Jan. 2017 in Washington D.C. – just prior to the presidential inaugu- ration – hackers were able to leverage ransomware to take over 70 percent of the network video recorders (NVRs) run by the city, leaving them unable to record video surveillance for days. Reportedly, engineers were able to go to each location and conduct a sys- tem wipe and re-install rather than handing over the ransom. e event illustrates ransomware's potential enterprise-wide catastrophic effect and lengthy remediation period. Many organizations rely on video surveillance systems to meet com- pliance rules and regulations, which oen requires archiving a minimum of 90 days or more of recorded surveil- lance streams. As I have personally witnessed during numerous proj- ect deployments, system integrators are simply installing NVR appliances on-premises, with no database or video recording backup. is places the end-user at significant risk if a ran- somware attack were to take place – the data would be lost and more than likely the only way to potentially have it returned would be through payment. The Impact on Your Customers As systems integrators, we owe it to our customers to be able to take physical security systems to the next