Yet another cyber attack crippled computer and IT systems across the globe this week, as U.S. pharma giant Merck issued a release saying the New Jersey based company was one of the victims.
The attack against Merck, which has operations around the world, is part of the Petya ransomware attack similar to a massive breach last month that deployed the virus WannaCry. The ransomware encrypts files and file systems on a computer, and the hackers charge victims to decrypt their information.
According to a release issued on Merck’s Twitter account, employees were told not to use their computers and to await further instructions at home.
Read the full statement:
Providing an update on global hacking of computer network: pic.twitter.com/VodRaXltKS— Merck (@Merck) June 28, 2017
It is this release that brings up a key point, and a possible learning opportunity. Merck said they had initiated business continuity plans when they learned of the cyber attack, and they were “working to minimize the disruption to our patients, our customers and other business partners.”
Like Merck, it is by staying proactive and identifying, guarding against and detecting threats that your organization remains more resilient. Incorporating cyber security planning into your business continuity planning decreases the amount of overall exposure, and if an attack occurs, it allows your business to recover quickly by having the necessary business continuity plans in place.
Cyber attacks can and will shut down an organization at some point – it is the planning and response that determines success or failure.
It is important to collaborate early and often to keep identifying potential vulnerabilities through risk assessments and a business impact analysis to minimize impact to company revenue and reputation.
Your BCM program data needs to be connected. Updates to documents and incident management notifications need to be seamless and accessible to the people that need them most before and during an attack. A centralized, single system of record will allow you to coordinate who is doing what, and keep them informed in a timely manner.
When a cyber attack affects an organization, employees are faced with a chaotic environment. Merck employees, according to reports, walked in to a system under attack. This is why establishing a recovery plan that works with your business continuity solution is key.
For industry tips and to keep up-to-date in the evolving software space, subscribe to the Assurance Software blog.
Written by Assurance Software
Assurance Software takes your company’s enterprise-wide business continuity and resiliency program to the next level. AssuranceCM and AssuranceNM work together to allow your business to manage recovery seamlessly – protecting every aspect of your business.