Cyber criminals know where the money is and have been attacking businesses in the hopes of getting a big payout for many years. Hacking and manipulating financial systems to steal money or customer credit and banking information to sell on the black market or stealing trade secrets to sell has been the traditional stock in trade of the black hat community. Successful attacks have been very costly to businesses and can run into the hundreds of millions of dollars for a large breach like the one suffered by Target in late 2013.
While a successful cyber attack can be costly, companies have been able to continue operations after a major breach. Despite additional investments in traditional security technologies the costs and frequency of successful attacks continues to rise. Many larger businesses have tried to offset this trend by investing in insurance coverage to help cover the costs of a successful cyber attack and reduce their overall risk. But this approach only makes sense if the business is able to continue to operate after the attack.
What if the hackers that attacked Target or E-bay managed to destroy the data they were able to access rather than just stealing the data while leaving it intact? What if a health care provider was to permanently lose all of their patient records, billing records and payroll records? How about the law firm the suddenly finds all of the client records have disappeared never to be recovered or the bank that no longer has any record of customer deposits? Would any organization survive the loss of such critical information? Would their disaster recovery and backup procedures protect them and insure the continuity of the business? Disturbingly the answer today is clearly “maybe” rather than “of course”.
For a hi-tech software hosting company by the name of Code Spaces the unthinkable has happened. Hackers penetrated their systems recently and rather than stealing information they demanded payment in exchange for not destroying their data. Code Spaces personnel attempted to determine the validity and extent of the compromise. The attackers detected these attempts and deleted the vast majority of their data as well as their backups and mirror sites. Management at Code Spaces announced that due to the scale of the loss and damage they had no choice but to cease operations and close their doors.
While this might be an isolated incident my instincts tell me that this is a watershed moment in the war between the criminals and the legitimate business community. Once the cyber criminal community at large realizes the power they can now wield there is no turning back. And can any business with a fiduciary responsibility to their stake holders take the chance that a cyber extortionist might follow through on their threats and destroy a company beyond recovery? Only time will tell.