Logistics, Cyberattacks and BCPs | The .tk domain saga
CyberInsights #119 - What happens when a cyber attack impacts a large logistics firm? | The result of free, ad supported, domain names.
A large logistics firm in Australia faces a cyber attack…
Thousands of containers lie at ports, waiting.
A huge logistics firm in Australia was impacted by a cyber attack. [LINK]
About 30 thousand containers lie at port, not able to move due to the cyber attack.
The firm says it has activated its ‘emergency plans’. If the emergency plans mean holding 30 thousand containers on the port, they might consider designing a better BCP.
Read more about it here [LINK]
Take Action:
A BCP is only as effective as a well thought out Business Impact Analysis (BIA) that identifies the correct impacts on business operations. Business continuity professionals should work with the business teams to identify and mitigate the right impacts.
Cyber insurers should consider the business interruption claims that can arise from such types of impacts. When providing insurance to a non tech firm, consider the cyber BI sub limits that you will be writing - and any contingent liabilities arising out of it.
The history behind the .tk becoming the centre for cyber crime
The story of a little known island and its top level domain (TLD)
Read this interesting piece on MIT tech review that traces the path of how .tk got to be the TLD of choice for cyber criminals. [LINK]
From the early days of the internet, when business plans were being made around domains and the monetisation of domain names, comes the story of how an Amsterdam based entrepreneur reached out to the islands of Tokelau and, inadvertently, setup the centre for cyber crime.
Take Action:
I’m fascinated with DNS and love reading about this. So, nothing to do, really.
Just read this article to understand more about the early days of how TLDs were setup and some of the business ideas behind them.
I read that article on the .Tk domain issue as well! What a mess.
The BCP/BIA toe-in is crucial and requires stakeholder input on what enterprise priorities are for sure.