However, the company’s response was to cut off supply for fear that the malware infected its back-office operations. As a result, supply went down, and demand turned into panic buying.
The takeaway from experts here is that there was no redundancy in place for alternative ways to deliver gasoline. Further, Colonial Pipeline, outfitted with a robust cybersecurity fortress, was penetrable. Although the company did pay the ransom of around $5 million in cryptocurrency, it still had difficulty decrypting its data and getting back online.
The severity of the hack and its effects, which will continue, spurred the Biden administration to publish an executive order seeking to make changes in cybersecurity. The challenge is that most of the critical infrastructure in the U.S. is owned and operated by the public sector, not the government.
The post-mortem of the breach is still in progress, but experts have noted that the company didn’t clearly separate its business network and pipeline operations.
Meat-Packaging Giant Gets Knocked Offline by Ransomware
Another recent cybersecurity attack that affected the country’s infrastructure was that which shut down meat processor JBS. The company’s U.S. beef plants went offline on a Sunday, not returning to operating until the following Wednesday. The likely attackers are a criminal ring seeking a payout after taking control of the organization’s network.
JBS reported that it had backup servers and worked with an incident response firm to restore the systems. While redundancy was in place and the company had a business continuity plan, it did not solve the bigger problem of vulnerabilities in the infrastructure, and operations still had to stop.
At this point, the interruption could lead to meat shortages and/or continue to bump up prices for these products. They were already trending up due to the pandemic.
Reevaluating Business Continuity and Cybersecurity
These two incidents are wake-up calls for any business. Nothing is untouchable. These two examples are one of many. Cybersecurity incidents and ransomware attacks were up, creating a “cyber pandemic.” The FBI reported that cyberattacks were up by 300% during the pandemic. Additionally, Google acknowledged that they were blocking over 18 million phishing emails a day.
Hackers have many motivations—to disrupt, control, or extort. What is clear is that no business and no segment of it is safe. That includes mission-critical communications. While you may have a business continuity plan in place, it doesn’t mean it will be sufficient for a response.
When working on a print and mail business continuity plan, we find that there are several areas of deficiency.
- Backups of data don’t continue to the process. Backing up the data is only one segment. You still have to move that data to print, which you can’t do in the case of network compromise.
- Technology is critical to print and mail. The volume and complexity of your mailings depend on tools to streamline and produce. You can’t move back to a manual process.
- Print and mail aren’t your core competency, so you’ll likely struggle with defining this in your business continuity plan.
- Any delays in statement or letter printing could have severe consequences. If invoices don’t go out on time, it could delay payment and interrupt cash flow. If communications aren’t sent timely and must be law, you could find yourself in non-compliance.
- Having a backup to your operations is costly because they are always on-call but may not produce anything. Additionally, they may not have the latest template for your mailings, which could cause more problems.
Keeping in mind the complexity of print and mail and these challenges, reevaluating business continuity right now is a good idea. Doing so with a partner is even better.
How PCI Group Elevates Print and Mail Business Continuity
We have a unique business continuity approach. We have solutions for those that outsource all the print and mail, those with an in-plant and others that are with third party providers. If we’re your sole vendor, you can be confident that our security protocols are the most aggressive. Our multiple certifications in data security demonstrate our commitment to this. We also have two locations that are fully redundant.
As a partner to in-plants, we’re more than just an on-call vendor. We print and mail a percentage of your jobs each month. That means we always have the latest templates and have workflows developed, so there’s no delay.
In either of these situations, you can have true peace of mind about sustaining mission-critical communications should you be the victim of a cyber-attack.
Learn more about our business continuity solutions today.