A warning issued by Janet Napolitano, the homeland security secretary in the United States, in the immediate wake of Hurricane Sandy is already coming true.
She said the devastation caused by the hurricane on New York now underlines the pressing need for increased cyber security.
Alan Brill, the senior managing director of the cyber security and information assurance practice at the security company Kroll, says many companies, including some Wall Street-based financial institutions, are already facing a massive potential threat in the wake of Hurricane Sandy as hackers take advantage of breaches in security to try to break into IT systems.
"Organisations are going to have to look to determine whether in the course of the storm, they had to use shortcuts or change their procedures to allow them to continue operating," says Mr Brill. "Changes in procedures are often associated with changes in risk."
He quotes an example of the way in which hackers are already taking advantage of disaster conditions, where an organisation's offshore telephone helpdesk was contacted by a bogus caller requesting an emergency download of sensitive personnel information. The caller said the information was needed to assist staff who had been affected by flooding.
Because internet conductivity had been lost in the area and telephones were not working, the help desk could not make a reasonable verification of who was making the request and sent the highly sensitive information to the bogus caller's "backup site," which was, as it eventually transpired, a system controlled by hackers.
Another hazard is the physical destruction wrought by the storm damage that took place in the wake of the hurricane.
"Flooding damaged computers and hard drives in hundreds if not thousands of businesses and organisations throughout the region by hurricane Sandy and the subsequent storm," says Mr Brill.
The data recovery unit at Kroll Ontrack had been working almost around the clock to perform emergency recoveries for mission-critical business data lost as a result of water damage, he adds.
Other problems were less predictable. Some small to medium-sized businesses had the foresight to install generators to provide for continuity of computer operations in the event of a power outage. However, because of the unprecedented length of the blackouts, many of the generators ran low on fuel. With waiting times of up to six hours not unusual in local filling stations, there were long lines of people with plastic petrol containers trying to get fuel for their generators.
Nor is there any end in sight for the disruption caused to New York's vital infrastructure.
"This isn't a problem that will go away, even once the streets have dried out," reports the New Scientist magazine, which says that the problem is that New York is degrading from beneath the city streets. Much of its vital infrastructure - the utility pipes that carry gas, water and electricity plus the city's extensive subway system - is buried deep underground and rapidly rusting away.
Many of the massive skyscrapers in Manhattan, for example, are heated by high-pressure steam sourced from mile after mile of high pressure steam pipes. Some of these are very old and there have previously already been instances of pipe explosions closing down entire areas because of the dangers of dust from the asbestos that had once been used to insulate the underground piping.
The Economist magazine also reports that the worst is yet to come and that catastrophic losses will double every decade in the US because of growing population density on the coasts.
Companies with offices located well outside North America also have much to learn from the lessons on cyber security now being so painfully taught to New Yorkers and also to those international organisations with IT facilities located in the affected area.
"You need to figure out what can go wrong and what your backup plan is," says Mr Brill. "It could be a hurricane or a tornado or an earthquake or any of a number of other disasters. I think the lesson from this superstorm is that you cannot make the assumption that you will not become a victim of circumstance."
Kroll believes there are a number of simple questions any organisation can ask to ensure future IT security in the wake of any possible eventuality.
What is it that the organisation depends on for its IT infrastructure and IT security to work properly?
Where does an organisation get its power and telecommunications?
How do the staff get to work?
How long would the fuel supply to the backup generators last in the event of a prolonged power outage?
Even more alarmingly, Ms Napolitano is warning that the US is now under a growing threat from a cyber attack by hackers bent on bringing down the entire nation's control systems for utilities, water plants, pipelines and financial institutions.
"Ignoring the lessons of Hurricane Sandy really means that you're betting the future of your company on pure, dumb luck," says Mr Brill.
[ business@thenational.ae ]
BIGGEST CYBER SECURITY INCIDENTS IN RECENT TIMES
SolarWinds supply chain attack: Came to light in December 2020 but had taken root for several months, compromising major tech companies, governments and its entities
Microsoft Exchange server exploitation: March 2021; attackers used a vulnerability to steal emails
Kaseya attack: July 2021; ransomware hit perpetrated REvil, resulting in severe downtime for more than 1,000 companies
Log4j breach: December 2021; attackers exploited the Java-written code to inflitrate businesses and governments
Company Profile
Company name: Namara
Started: June 2022
Founder: Mohammed Alnamara
Based: Dubai
Sector: Microfinance
Current number of staff: 16
Investment stage: Series A
Investors: Family offices
Key Points
- Protests against President Omar Al Bashir enter their sixth day
- Reports of President Bashir's resignation and arrests of senior government officials
Our legal columnist
Name: Yousef Al Bahar
Advocate at Al Bahar & Associate Advocates and Legal Consultants, established in 1994
Education: Mr Al Bahar was born in 1979 and graduated in 2008 from the Judicial Institute. He took after his father, who was one of the first Emirati lawyers
Inside Out 2
Director: Kelsey Mann
Starring: Amy Poehler, Maya Hawke, Ayo Edebiri
Rating: 4.5/5
CRICKET WORLD CUP LEAGUE 2
Mannofield, Aberdeen
All matches start at 2pm UAE time and will be broadcast on icc.tv
UAE fixtures
Wednesday, Aug 10 – Scotland v UAE
Thursday, Aug 11 - UAE v United States
Saturday, Aug 14 – Scotland v UAE
Monday, Aug 15 – UAE v United States
UAE squad
Ahmed Raza (captain), Chirag Suri, Muhammad Waseem, Vriitya Aravind, CP Rizwan, Basil Hameed, Rohan Mustafa, Zawar Farid, Kashif Daud, Karthik Meiyappan, Zahoor Khan, Junaid Siddique, Sabir Ali, Alishan Sharafu
Table (top three teams advance directly to the 2023 World Cup Qualifier)
1. Oman 36 21 13 1 1 44
2. Scotland 24 16 6 0 2 34
3. UAE 22 12 8 1 1 26
--
4. Namibia 18 9 9 0 0 18
5. United States 24 11 12 1 0 23
6. Nepal 20 8 11 1 0 17
7. Papua New Guinea 20 1 19 0 0 2
States of Passion by Nihad Sirees,
Pushkin Press
The specs
Engine: 2.0-litre 4-cyl turbo
Power: 201hp at 5,200rpm
Torque: 320Nm at 1,750-4,000rpm
Transmission: 6-speed auto
Fuel consumption: 8.7L/100km
Price: Dh133,900
On sale: now
The Specs
Engine: 1.6-litre 4-cylinder petrol
Power: 118hp
Torque: 149Nm
Transmission: Six-speed automatic
Price: From Dh61,500
On sale: Now
The National selections
Al Ain
5pm: Bolereau
5.30pm: Rich And Famous
6pm: Duc De Faust
6.30pm: Al Thoura
7pm: AF Arrab
7.30pm: Al Jazi
8pm: Futoon
Jebel Ali
1.45pm: AF Kal Noor
2.15pm: Galaxy Road
2.45pm: Dark Thunder
3.15pm: Inverleigh
3.45pm: Bawaasil
4.15pm: Initial
4.45pm: Tafaakhor
Ziina users can donate to relief efforts in Beirut
Ziina users will be able to use the app to help relief efforts in Beirut, which has been left reeling after an August blast caused an estimated $15 billion in damage and left thousands homeless. Ziina has partnered with the United Nations High Commissioner for Refugees to raise money for the Lebanese capital, co-founder Faisal Toukan says. “As of October 1, the UNHCR has the first certified badge on Ziina and is automatically part of user's top friends' list during this campaign. Users can now donate any amount to the Beirut relief with two clicks. The money raised will go towards rebuilding houses for the families that were impacted by the explosion.”
TO CATCH A KILLER
Director: Damian Szifron
Stars: Shailene Woodley, Ben Mendelsohn, Ralph Ineson
Rating: 2/5
Financial considerations before buying a property
Buyers should try to pay as much in cash as possible for a property, limiting the mortgage value to as little as they can afford. This means they not only pay less in interest but their monthly costs are also reduced. Ideally, the monthly mortgage payment should not exceed 20 per cent of the purchaser’s total household income, says Carol Glynn, founder of Conscious Finance Coaching.
“If it’s a rental property, plan for the property to have periods when it does not have a tenant. Ensure you have enough cash set aside to pay the mortgage and other costs during these periods, ideally at least six months,” she says.
Also, shop around for the best mortgage interest rate. Understand the terms and conditions, especially what happens after any introductory periods, Ms Glynn adds.
Using a good mortgage broker is worth the investment to obtain the best rate available for a buyer’s needs and circumstances. A good mortgage broker will help the buyer understand the terms and conditions of the mortgage and make the purchasing process efficient and easier.
In numbers
Number of Chinese tourists coming to UAE in 2017 was... 1.3m
Alibaba’s new ‘Tech Town’ in Dubai is worth... $600m
China’s investment in the MIddle East in 2016 was... $29.5bn
The world’s most valuable start-up in 2018, TikTok, is valued at... $75bn
Boost to the UAE economy of 5G connectivity will be... $269bn
MATCH INFO
Uefa Champions League semi-finals, second leg:
Liverpool (0) v Barcelona (3), Tuesday, 11pm UAE
Game is on BeIN Sports
