– Leonid Shtilman, CEO, Viewfinity, says:
Businesses and organizations of all sizes know to take precautions to protect their data centers and digital assets, but do they realize they may be particularly vulnerable during natural disasters and severe weather situations? When you think about it, cyber thieves can certainly take advantage of power outages, flooded server rooms, and absent IT staff to gain access to an organization’s data center and critical information assets.
In the wake of a natural disaster, users might not have access to their computers for several days which would give cyber looters enough time to find ways to hack their way into a network.
Without physical access to a computer, there is no alert. So, for example, if a hacker changes a password through the cloud, there’s no way to know until you tried to access the computer. Some systems are based on a default-approve model which is automatic in the event of a disaster. So if you don’t respond to a change of password confirmation, the system might assume it’s OK. A good example of this is a stolen credit card. Generally, there’s a 12- to 24-hour window for a thief to use the credit card without detection. If you’re not online, you can’t respond so you don’t know there is an alert.
With big storms like last year’s Hurricane Sandy giving everyone some warning of what’s to come, cyber looters have advanced notice to loot systems too. Privileged access can be critical to protecting a company’s digital assets. The key is using a secure failover site that protections data in motion and data at rest. While failover sites might not have the same measure of security that the company’s main network has, they need to be secure enough to tide an IT department over until the danger has passed.
The major point of cyber looting is that it’s even difficult for companies to estimate how important it is to have frequent access to all kinds of accounts. If the network is down for weeks instead of days, there’s only a limited window to know what’s really happening with your system. By guarding computers from severe damage to the physical infrastructure, privilege management can help to prevent cyber attacks on administrative accounts. It will not completely prevent cyber looting, but it will decrease the opportunities for a criminal to cause damage.