The latest cybersecurity incident has struck Nikkei’s Asian unit. The area has been hit by a ransomware attack. Upon notification of the incident, Nikkei and the Asian unit reported the attack to Japanese and Singaporean authorities in charge of personal data protection.
While the extent of the attack and whether or not customer data was leaked is still unknown, Nikkei has been forced to shut down affected servers as they investigate further.
This attack follows a 2019 incident where Nikkei lost $29 million in a single wire transfer due to a business email compromise scam.
Looking into the matter for Digital Journal is Craig McDonald, VP of Product Management at BackBox.
McDonald places the event in its recent historical contents, drawing a finding that perhaps suggests a security vulnerability with the firm. McDonald says: “Unfortunately, this isn’t the first time Nikkei has experienced targeted cyber activity– a 2019 incident in which the company fell victim to a business email compromise scam led to the loss of $29 million in a single wire transfer.”
Expanding the point beyond the specific firm, McDonald questions the vulnerability to economic activity in general, noting: “These attacks are a testament to just how at-risk organizations can be to multiple targeted cyberattacks.”
However, there is something to be said for repetition and firms can find hackers returning to old grounds. Here McDonald warns: “If anything, cybercriminals can put an even bigger target on a company’s back knowing that they have been infiltrated before.”
This certainly appears to be the case with the recent ransomware attack.
There are measures that all firms should be considering in order to safeguard themselves from attack. McDonald says: “It is crucial that companies are prepared with proper backup and recovery efforts should they fall victim to a ransomware attack or other security incidents.”
Returning to the specific incident, McDonald calls out a vulnerability; “In the case of Nikkei, affected systems have been forced offline while the extent of the attack is investigated. To ensure that time spent offline is decreased to a minimum in similar situations, companies must prioritize best practices for backup and unplanned network downtime.”
To overcome this requires: “A robust plan must include collecting a complete inventory of all applications, software and hardware; outlining specific individual responsibilities in the event of a disaster and ensuring those individuals understand their responsibilities; having alternative communication methods in place; and carrying out regular reviews of this plan as a whole.”
McDonald concludes with his final recommendation, explaining: “Additionally, automating these processes can proactively prevent outages, unnecessary downtime and attacks in general by keeping cybersecurity postures current and removing the complexity from error-prone management tasks.”