3 Months On – Cyber Risk Lessons From the Zaha Hadid Ransomware Attack
- 14th July 2020
- Posted by: Mark Dodds
- Category: AEC, Business, Technology
Zaha Hadid Architects is a big name in its field, but it had been relatively unknown to the rest of the world. That all changed in April this year, when the highly sought after architecture firm hit the headlines all around the world thanks to a cyber attack.
The company’s network had been infiltrated by a hacking group called Light, who used ransomware to steal a huge amount of files and encrypt its business critical data. The hackers then threatened to release the information, including private emails, financial documents, payroll records and personal employee data to the internet unless a huge ransom was paid.
After noticing the breach, Zaha Hadid Architects notified the relevant authorities and the hack became public knowledge. The company chose not to pay the ransom and started the arduous task of restoring files from backups, but it’s still not known whether the issue has been completely resolved.
As experts in cyber security, attacks like these come as no surprise to us. We hear about breaches like this almost every day, so while they’re hugely upsetting the companies affected, situations like the Zaha Hadid Architects attack are far from rare.
Attacks like these are becoming increasingly common and shouldn’t be a surprise to the architecture industry. Hackers don’t discriminate; they’ll try to infiltrate as many different sectors and companies as they can until they strike gold. And once they do, they’ll use the same tactics again elsewhere.
Architecture firms of all sizes are being encouraged to learn from what happened at Zaha Hadid and take the time out to review their cybersecurity setups to minimise the risk. As well as ensuring there are bullet proof systems in place, it’s also essential to make sure that all files are properly backed up just in case.
My take on how to protect your architecture practice
These types of incidents have long lasting effects. I’ve mentioned before that there’s the direct cost (the ransom payment) but what are the true costs?
Enforced downtime – Ransomware will prevent access to systems or data until a solution is found so disruption is a massive one
Reputation – Whilst data can be restored (hopefully)) it’s not always as easy to restore public trust. Could this effect retaining existing clients? Generating future business etc?
Data loss– who’s to say they’ll get their data back after paying?
Hackers know that people often make bad decisions when they’re under pressure, which is why so many choose to pay the ransom instead of seeking proper help. When time is of the essence, there’s not always the chance to fully evaluate what’s happening and choose the best course of action, so it’s imperative that all companies take a proactive approach to data security rather than waiting until the horse has bolted.
- With Covid-19 meaning that lots of employees are still working from home, the risk of cyber attacks has got even greater. Hackers are seeing this new found freedom as the perfect opportunity to take advantage of staff who aren’t particularly tech savvy, so it’s important that companies focus on detection and recovery.
- Limit data access to those employees that actually have a business need for them and re-evaluate permissions on shared drives to prevent it spreading.
- One of the most important things you can do is ensure your staff have access to the right training and understand how to spot common threats. Ransomware relies on human involvement, so having a staff team who can recognise a phishing email can be the key to your survival.
- Strong policies around cyber security are also essential. Employees must know how to report suspicious activity and all devices and software must be regularly reviewed and kept up to date if you’re serious about avoiding attacks.
And perhaps most importantly, you need to know that if things do go wrong, they can be easily fixed. Having a proper backup policy in place can mean the difference between a slight inconvenience and total chaos and reputational damage you’ll never recover from.
How we can help
When your team work from home, you’re widening your exposure to potential threats. And cracks can quickly appear in your business’s protection
We’ve helped our clients in the Architecture, engineering and construction industries successfully transition to working from home in a secure way with the right blend that suits their business. One that protects them well without interrupting how their staff do things.
The team at Compex IT can help you keep your data safe during lockdown and beyond. Just get in touch today.