The latest major cyber-attack that cost a Norwegian company an estimated £40 million should act as a warning to businesses to make better preparations, according to a Midlands security company.
CyberGuard Technologies, part of the OGL Computer Services Group based in the West Midlands, was referring to aluminium giant Norsk Hydro, which has put the cost of its March cyber-attack at up to 450 million Norwegian Kroner (c.£40 million).
The Oslo, Norway-based firm made the announcement as part of its operations and market update earlier this week, shedding further light on the impact of the attack.
Paul Colwell, technical director at CyberGuard, said: “The severity of the Norsk Hydro case should remind all businesses about the scale of the costs and damage that cyber-attacks can create.
“And yet by being proactive, everybody can protect themselves from cyber-attacks, starting with a UK government-backed programme known as Cyber Essentials.
“Cyber Essentials is a framework which sets out what businesses need to do to provide themselves with basic cyber security that will prevent common attacks.
“The aim is to make it easier for businesses to protect themselves, and to be accredited a business must prove it has put in place five key technical controls – with one of the most crucial being ‘patch management’.”
Mr Colwell explained that companies can have a patch management protocol put in place in-house or via a third party, such as OGL’s IT Patch Management service.
This, he said, enabled businesses to keep their IT updated, stable and secure by using a fully-managed service that provided regular updates that were carried out remotely to minimise disruption to operations.
Mr Colwell added: “There are fortnightly and monthly packages available for OGL’s IT Patch Management service, carried out by a dedicated and experienced team of patching engineers.
“Keeping your network, workstations and routers updated, stable and secure is becoming a more critical part of IT support, even more so with the ever-increasing risk of security vulnerabilities being exploited on a regular basis.
“We can remotely update your devices to help maintain efficiency, capability and ensuring the best security practises are applied.
“Also, when controlled correctly via our managed software, patch management can help optimise productivity by minimising downtime as updates are run out of hours, freeing up clients’ internal IT resource.”
But Mr Colwell warned: “When not managed correctly, update services can stop, fail and be overridden by end users. The best and most secure way to handle patch management is through a controlled and dedicated service.”
