Cyber security is once again in the spotlight following the spate of attacks on a range of individuals and companies, including the UK’s National Health Service (NHS), FedEx and Telefónica.
In issue 177 of The Superyacht Report, we spoke to a number of experts on the probability of cyber attacks within the superyacht industry and to UHNWIs. For many, the phrase ‘cyber security attack’ invokes an image of hackers performing a hostile takeover of a yacht’s navigation system. This - although possible - is not the most probable form of attack. What was experienced by the NHS over the weekend is not out of the realms of possibility for any company, as well as UHNWIs at sea. Managers, advisors, family offices and brokerage houses are all at risk of attack due to their database of information, such as email addresses, bank details and home addresses, which make them high-profile targets.
The attack on the NHS is still ongoing, with many experts foreseeing more problems as workers return to their desks today. Interestingly, the hackers and malicious malware were stopped in their tracks by a cyber security researcher who instigated a ‘kill switch’ online, not by existing software. Every cyber breach is different, with attackers using guerrilla tactics in order to inflict the most damage, meaning it's difficult for software to exist that covers every type of attack. This inherently is the problem with cyber attacks, as there is no end in sight for these type of events. As Simon Rowland founder of security company Veritas explains, “Cyber security is something that will continue to develop from this day for as long as we have computers. Out of all the fields of security, this is the one that will endure for the longest.”
Following on from the events this weekend, many politicians and commentators have jumped on the fact that NHS funding has been cut in recent years, which may have lead to the weaknesses in the systems. For Rowland, cyber attacks needs to be taken seriously at the highest levels of government. “Cyber security is down to the private individual or to the company itself. It’s viewed as a private problem, not a national strategic problem,” he says. It is understood that this weekend’s attack was initiated through an email spreading malware, software designed to corrupt and damage a computer’s system.
The key issue with cyber attacks is that it is often the case of locking the stable door after the horse has bolted; many companies do not consider their level of security until after an attack. It is unfortunate that the chaos, confusion and damage that follows a cyber breach is often the motivating factor in adequately equipping computers and personal devices. Educating the breadth of the industry on the risk of cyber is the most effective way of protecting owners, superyachts and individual companies from attacks, “Everybody needs to be aware of vulnerabilities, how they are created and what the consequences are,” says Rowland.
Hear from a range of cyber security experts in issue 177 of The Superyacht Report, which is available here.