Written for Funeralcare Magazine June 2021

Five years ago I wrote about it here in my second-ever Boffin to Coffin column. Was it really that long ago? Thank you for following me on a journey I could not have predicted back then.

It was with hope that I looked forward through those eyes – hope that sharing the experience might prevent it from happening to others. Hope that, by virtue of a collective awareness, such incidents might be relegated to the past. While hindsight has 20-20 vision, five years of experience has not silenced my Pollyanna-alter-ego. “Oh, you!” she says indulgently to yesterday’s self: “You were such an innocent.”

Yesterday’s optimism is misplaced. Cyber-attacks have increased in frequency, ferocity, and sophistication. Attacks have become targeted, implemented in stages, and patiently crafted so as not to be obvious - even to the experts. It is unreasonable to expect that we mere-mortal computer, tablet and smartphone users will be able to identify such attacks by being vigilant and curious.

I now feel more relief than frustration over my parents’ insistent use of a “dumbphone”. They recently had an account compromised and neither we, nor the provider, have been able to determine how or when it happened. I applaud the provider’s care and responsibility in dealing sensitively and calmly with my folks, as well as their decision to not only restore their funds without question, but to recommend a plan of action for them. It was a sharp contrast to the blame and shame that descended following the five-years-ago experience.

Prevention may better than cure, but it is not enough on its own. You would be as unwise as your five-years-ago self to focus only on the former. There are a great many things we can do to prevent an attack, and you can be sure that in the last year, the Waikato DHB, the Reserve Bank and the NZ Stock Exchange were doing as many of those things as they were able. They still succumbed, and the mop-up was messy.

Even the seasoned and the suspicious can be fooled by the lengths attackers will go to, to appear legitimate. This does not abrogate your personal responsibility to do everything in your power to prevent an attack. Being IT-savvy is no longer something you can delegate to the geek-team. Neither is an attack something you can blame them for. It is up to you to keep your devices and apps up to date, to use strong and unique passwords, and ensure your social media behaviour and privacy settings do not leave you, or your company, vulnerable to attack.

If we concentrate only on prevention however, we will be woefully unprepared when disaster strikes. If we can’t prevent an attack, we need to look at how we can recover from one: what we need to do, and how long it will take. Is there a cure? You’d better hope so. Working in this industry makes us nothing if not aware of the ultimate consequence.

Number one on your journey of recovery: Do not pay the ransom. It could be the start of a long and toxic relationship, which leaves you financially worse off and with no guarantee that your valuable data will be restored, or your future data will be safe.

Contact CERT.govt.nz, the computer emergency response team. CERT was established in 2017 to support businesses, organisations and individuals affected by cyber-security incidents. Their website alone is a mine of valuable information.

Back up your critical files. That is, those files important to you, which you would be unable to recreate, or which would take you longer than a day to do so. Forget backing up everything, unless your everything is critically important. It is easy to become undisciplined in what we keep when time is at a premium, and there is simply so much chaff that it is hard to find the wheat. Identify your important stuff, and make sure you have a copy of it somewhere safe.

Check your bank statements regularly and question anything you don’t expect to see. If you see something suspicious, take action: contact your bank immediately.

Get a credit check done annually, to uncover identity theft. Ensure your personal or company details are not being used by someone else to obtain loans or credit. Again, follow up with your bank or financial institution if you see anything suspect.