Howard Freeman, MD, Fortis DPC assesses the potential risks posed by the Fastly Outage
“The recent internet outages caused by the Content Delivery Network (CDN) from Fastly last month demonstrated that CDN’s can be a single point of failure. CDN’s are designed to alleviate performance bottlenecks and is essentially a system of devices that hold copies of data across various points of a network. When it fails, the websites it supports cannot retrieve their data and are forced offline.
“The problem on the 8th of June cost the users of Fastly many hundreds of millions of dollars and this was all caused by a software bug triggered by one of their customers. However, the truth of this is that this COULD have been caused by cyber criminals and so the warning signs are there for the future.
“A Ransomware attack could prove disastrous for many if it were to succeed. Taking down a CDN would have widespread consequences for all involved. This fact is undoubtably not lost on the hacker community. With over 86% of attacks being financially motivated according to Verizon’s 2020 report[i], the trend is unlikely to slow down any time soon. There is an undeniable shift towards organisations like CDN’s as by the nature, the attack has scale and affects many more organisations than just the targeted business. In turn, this brings greater appeal due to the higher impact and therefore, higher ransoms.
“Many Governments have said that they do not negotiate with terrorists. Hijacking an aircraft in return for ransoms are now a thing of the past for example. Businesses should now take the same approach to send a message to the cyber criminals that there is no money on offer. You might think, ‘easy for you to say’. And you would be right. If a business’s data is encrypted and put beyond use, the business will want to recover and begin trading again. However, not all attacks where a ransom is paid ever recover their data, though the numbers around this are unclear as companies don’t always reveal that they have paid a ransom or whether the attackers released their data following any payment.
“I have always believed that if you pay hackers a ransom, the chances are they will, if they can find a way, come back and do it again. Following an attack, companies will invest in back-up solutions and beef up security in order to prevent further attacks. However, over time complacency can set in and once their guard is down, the attackers may strike again. Of course, it is not always the business that pays the ransom, insurance cover is available. However, following a breach, this can prove to be very costly. Any cover provided following a breach, would be subject to the most stringent audit and high standards together with official certifications to prove that standards are being met and maintained. Not to mention very high premiums.
“Such outlay would be better spent prior to any attack. Organisations often see cyber defence as a cost, when in reality, it is an investment. Sadly, it is not a ‘set and forget’ situation, it is an ever-changing landscape and as such requires dedicated resources and continuous investment.
“This money would be better spent on people and resources and not given to criminals”.