Fundamentals First
Scale and flex your business with an IT support consultancy that offers a UK based 24x7 ISO27001 and ISO9001 compliant Network Operations Centre (NOC), Security Operations Centre (SOC), Architecture, Data Privacy and IT Governance services.
25/03/2021
Earlier this week Sierra Wireless, a leading IoT manufacturer reported it was halting production in its manufacturing sites, taking offline key IT Systems and websites, as a result of suffering a ransomware attack.
Sierra Wireless products include network devices, routers, modems and other communications devices. The company believe that none of its customer facing products have been affected by the attack.
Details of what type of ransomware attack and the demands have not yet been disclosed. The attack started on March 20th, with Sierra Wireless disclosing it on March 23rd. As soon as the company learnt about the attack their IT teams followed their emergency cyber security procedures. They hope to bring internal systems, websites, and production sites back online soon.
Sierra Wireless’s annual revenue was $448.6 million in 2020. As part of the disruption, first quarter 2021 results have been delayed due to the uncertainty of the impacts this attack will have on the company.
As of Thursday 25th, the main https://www.sierrawireless.com/ remains down, and replaced with a single message:
Sierra Wireless announced on March 23rd that it was the subject of a ransomware attack on its internal IT systems and websites. We believe the attack has been addressed, and are currently working to bring Sierra Wireless’ internal IT systems back online, including our websites.
We believe the impact of the attack was limited to Sierra Wireless internal IT systems and corporate websites, as we maintain a clear separation between our internal IT systems and customer facing products and services.
In response to the ransomware attack, we have halted production at our manufacturing sites, and believe we will restart production and resume normal operations soon.
Ransomware remains a significant issue for organisations. It is estimated that there are 4000 ransomware attacks daily, with organisations that pay average a payment of £169,000 and experience an average of 19 days downtime.
It is estimated this year that a ransomware attack will occur every 11 seconds.
Cyber-attacks are an ongoing fight against unknown actors. With more state backing, these attacks are becoming increasingly well-funded, complex and common.
Contact Fundamentals First about how our outsourced Security Operations Centre (SOC) will operate as an extension to your in-house teams, providing the increased protection you require.
https://fundamentalsfirst.co.uk/cyber-security-solutions/?utm_source=facebook.com&utm_medium=social&utm_campaign=SierraWireless250321
08/03/2021
A sure-fire method to get into the networks of some of the biggest tech companies out there. Security researcher Alex Birsan has successfully demonstrated a potential supply chain attack, and in the process the proof-of-concept exploit was installed on systems in Apple, Microsoft and thirty three other companies. Multiple organisations have paid the researchers “bug bounties” totalling $130,000 so far for finding these vulnerabilities.
Like other supply chain attacks, the attack works by subverting trusted upstream systems such that the real target downloads and installs a compromised update. However, in this case the target systems were tricked into replacing internal packages with compromised versions from an external source.
This exploit specifically attacks a “mixed ecosystem” of open source and proprietary code, and it exposes a lack of maturity in both technology and common practice when it comes to patching systems.
Read the whole article - https://fundamentalsfirst.co.uk/2021/03/08/proof-of-concept-exploit-affects-apple-microsoft-others/?utm_source=facebook.com&utm_medium=social&utm_campaign=AlexBirsan08032021
09/02/2021
Apple’s recent announcement that it will require an explicit opt-in from users to share personal data which could be used for tracking and targeted advertising, and Facebook’s reaction to it, have exposed the flimsiness of informed consent in data privacy.
The new consent step does not change anything in terms of tracking, it simply makes the user aware that they have the choice to opt-out. Facebook’s objections to the change, although framed in the interests of their small business advertisers, indicate how concerned they are about the impact of informed consent on their business model.
Since the advent of the GDPR many businesses have made a considerable investment in evidencing consent. However, in many cases how informed that consent really is is open to question, and the conflict between Apple’s user-centric approach and Facebook’s advertiser-centric approach flushes the issue out into the open – Apple’s paying customers are its users, while Facebook’s paying customers are its advertisers, and their interests are not aligned.
Any business model which is less than open about data privacy may be exposed to reputational risk, and some business models may become unsustainable.
https://fundamentalsfirst.co.uk/data-privacy/?utm_source=facebook.com&utm_medium=social&utm_campaign=ApplevFacebook09022021
Click here to claim your Sponsored Listing.