Museums are not immune to cyber-attacks, and suffering one can cause considerable distress, with additional time, resources and specialist advice needed to restore services and functionality. A cyber-attack is an attempt by hackers to damage or destroy a computer network, which may or may not be accompanied by ransom demands. Ransomware is a type of malware that prevents users from accessing their data by encrypting it. The criminals who carry out the attack then issue a ransom note demanding payment to release the data.
What are the key areas of access for cyber criminals?
- Remote Desktop Protocol – this is the main protocol that enables employees to access their office desktops. If it is not secured, it allows cyber criminals to access devices.
- Vulnerable Software or Hardware – unsecured or unpatched software or hardware (for example, where you're not signed up for automatic software updates that would address known security issues) is often used by attackers to access networks.
- Phishing Emails – emails that encourage users to click on seemingly harmless, but actually malicious, links or to open attached files.
To make their attacks more effective, criminals have also been seen to:
- Sabotage backup or auditing devices to make recovery more difficult.
- Encrypt entire virtual servers.
- Use scripting environments to easily deploy tooling or ransomware.
The National Cyber Security Centre (NCSC) recommends that "organisations implement a 'defence in depth' strategy to defend against malware and ransomware attacks".
The NCSC also suggests that organisations should ask themselves the following questions.
- Do you have a list of the different organisations that provide your IT services?
- Is it clear who manages and/or coordinates the IT?
- Have you identified the most critical parts of the digital estate and sought assurance about its security?
- Do you have a proper backup and restoration plan in place?
- Do the governance and IT policies reflect the importance of good cyber security?
- Do you train staff on the common cyber security threats and incidents that could be experienced?
- Do you know who to contact if you become a victim of a cyber incident?
There is a plethora of cyber insurance policies available, which have evolved to meet the growing need to insure against cyber-attacks and their increased sophistication. It is strongly recommended that this area of risk is discussed with your insurance provider. These policies not only provide invaluable assistance when you are confronted with an attack, but also form a key part of your resilience planning.
About the author
If you have any questions regarding the above, please get in touch with our museums specialist, Ben Leah: