Expect the unexpected
The reality is that as technology advances, it’s progressing at a staggering rate and it is also becoming increasingly easier for hackers and cyber-criminals to infiltrate businesses
That was the warning from Peter Bailey, KPMG’s director of cyber security, who told this year’s Financial Services Federation conference in Auckland that the gateway into a system was often a simple e-mail.
“This is a big business, one that New Zealand shouldn’t kid itself it’s exempt from with international players launching thousands of attacks every day,” Bailey, pictured, told delegates at the Aotea Centre.
If you think it’s never going to happen to you, just ask Jaguar because the car company is still in the grip of an attack that has already cost it billions.
Hackers obtained staff details, installing malware and disrupting systems, and customer data was leaked alongside employee records in what was the second major incident after a ransomware attack in March.
Jaguar’s supply chain was severely impacted and 100,000 jobs were put at risk as the British government was forced to step in and provide support. The company was only able to restart production after prioritising upgraded IT systems.
The UK’s Cyber Monitoring Centre says 5,000 businesses have been affected and a full recovery won’t kick in until January.
Bailey said it was just plain wrong to imagine hackers as some kind of hoodie-wearing spotty nerds in a basement somewhere.
“This is a sophisticated business. It’s widespread throughout south-east Asia where talented programmers are being lured into what they think are tech jobs, only to have their passports seized and be forced into launching attacks.”
He conceded cyber security was one of those things that gets talked about so often that a degree of fatigue creeps in.
“But we always say the problem is that we have to block multiple holes while the hackers only have to find one,” Bailey says. “It’s always about risk mitigation. There’s no magic security dust, so I’d advise everyone in the lending sector to remain vigilant and regularly review online protections.”
