What lessons can you learn from the Maersk cyber-attack?
Last week saw companies across the globe hit by the Petya ransomware cyber attack, with Maersk Group being one of the most high-profile victims. A week on from the attack, Maersk report that their systems have almost recovered. While this was undoubtedly a PR nightmare for the global shipping giant, quick thinking and effective planning have drawn an outpouring of support from both customers and social ‘fans’. So, what can other companies learn from Maersk?
1. Shut down your entire IT system. As soon as the attack hit, Maersk reportedly shut down their entire IT system. While it may be tempting to simply turn off the infected terminal and continue operating on the remaining network, you risk the spread of infection across the whole company. “We’re being very cautious to ensure that as we bring the applications back up, the attack is contained and rolled back. It limits the accessibility we have at the moment.”
2. Be proactive in your communications. How you deal with your external communications during the cyber-attack is critical. The worst thing you can do is shut your customers out while you try to figure out what is happening. Keep your initial communication vague: the situation will change rapidly over the first 24 hours, so it’s good to let things play out before you declare anything with certainty.
Once you have a plan in place, issue updates on a regular basis; this will ensure customers know the problem is being dealt with.
3. Remain Calm. Internally it may feel as though the end is nigh, but in your external communications, you must remain composed and measured. This will put your customers at ease and make sure they know you’re on top of the situation.
4. Address internal competencies. There are always lessons to be learnt, and ultimately your customers will want to know what you’re going to do to prevent this happening again. Passing it off as ‘one of those things’ won’t cut it. Assess how the attack happened, what weaknesses you have in your network and what you’re going to change going forward.
5. Have a robust disaster recovery strategy in place. Maersk refused to pay the ransom. Fortunately, they had a reliable disaster recovery strategy in place which allowed them to recover their data and bring the systems back online. Without a disaster recovery strategy, they would have had to play into the hands of the criminals and hope they were true to their word in returning their files.
7. Install anti-ransomware software. Did you know, for the same price as your weekly cup of coffee, you can install anti-ransomware software that would have proactively protected against both the Petya and WannaCry attacks? Avoid the headache of having to implement all of the above and be proactive in your data security. When asked what advice he would give to other companies, Maersk CCO Vincent Clerc said: “There’s a lot of questions they have to ask to make sure they have the appropriate security and do not have to get through the 72 hours we have had to.”