University Sexual Assault Checklist
August 15, 2017
3D Printing and Fire Risks – Issue 65
August 29, 2017

Disruption as Usual (Part 2)

The wannacry virus is among blue binary code and ransomware, virus computer attack concept, technology background, vector illustration

By Simon Iliffe, Unimutual Risk Manager

The CEB Risk Management Leadership Council survey of 108 risk, audit and compliance executives across leading global companies ranked technological disruption in the top 5 emerging risks in 2016.

In this edition of “disruption as usual” we explore technological disruption and examine the very different pathology, psychology and impacts these events have when compared with traditional disruptive events.  We are often more comfortable dealing with traditional events such as a building fires, storm damage or bushfires as the consequences are generally laid out before us, we know the scope of works and we can understand the cause but technological disruption has far more sinister overtones with consequences often not immediately obvious and many questions left unanswered.

Unlike traditional disruptive events, technological disruption may not have an obvious beginning or end; the emergency occurs when we finally recognise something has happened, even though it may have been going on for an extended period – we eventually shut the gate “after the horse has bolted”.  Triage mostly consists of an IT forensic investigation and recovery is often about re-establishing system operability, data integrity and building resilience to future events.  This is where the subtle difference lies, recovery from technological disruption typically involves adaptation at a systems and process level rather than replacing bricks and mortar.

What does technological disruption look like?  For the purpose of simplicity, I have characterised technological disruption into four distinct groups:

  1. Hacks, attacks and ransomware*
  2. Seeding, skimming and malware*
  3. Service delivery disruption; and
  4. The fourth industrial revolution

* Find an explanation of the differences between ransomware and malware here or here.

Hacks, Attacks and Ransomware

Attacks such as a system hack or ransomware attack is overt and tends look more like a traditional disruptive event; they happen relatively quickly, you know you have an emergency, you assess the damage and you act to get back to normal as quickly as possible, albeit with some adaptation to your IT system.

The use of ransomware is becoming increasingly common with another high profile WannaCry-style ransomware cyber-attack, Petya, propagating around the world. Whilst the extent of damage is unknown, this latest ransomware is a reminder to Unimutual and its members about the potentially sustained business disruption these attacks can cause.

Petya comes on the heels of the news that University College London, which was named a “centre of excellence in cyber security research” by the UK’s Government Communications Headquarters intelligence and monitoring service, was also hit by ransomware. The attack was initially blamed on phishing emails, with links to destructive software but it was later suggested it was more likely to have originated on a compromised website, where clicking on a pop-up window spread a malware infection.

Whatever the case, most hackers have an innate understanding of the psychology of the average computer user and their irrepressible “urge to click”.

From a tertiary education perspective, data is the most likely target of hacks and attacks either research related data or third-party data in the institutions custody.  Personal information including email addresses, medical, banking and credit details as well as passwords are highly valued on the dark web with data thieves either using the information themselves or trading it for other information or bitcoin.  Data supporting ground breaking research has a significant potential value when sold to the right buyer. How well protected is your research data?  Will your research and development data be filling someone else’s commercialisation coffers?

Seeding, Skimming and Malware

Whilst we can’t know what we don’t know, there is merit in the exercise of imaging what might happen next, looking over the horizon and into an unpredictable IT future.   How many seemingly farfetched propositions turned out to be prophetic in nature?  How does Bill Gates in his 1999 book “Business and the speed of thought” so accurately predict the future years ahead, technology now engrained in our daily lives?  Twenty years ago, the cloud was just a meteorological phenomenon – not anymore.

Corporations and universities are increasingly resorting to the cloud as a means of storing data, but what are the risks?  How secure is the cloud? Fortunately cloud storage is very secure – at the moment. The cloud is like a virtual apartment block, a place where your data cohabits with that of other entities and each tenant has an individual key.  Where is your key, under the mat, in a fake rock, the IT guys computer or in your office desk drawer?

What if someone found your key, what if they “seeded the cloud” with spyware or malware? Effectively broke into your apartment and installed covert “back-to-base” surveillance and recording tools.  Traditionally, cloud seeding involved the dispersal of dry ice or silver iodide into clouds to increase rainfall (that’s why every cloud has a silver lining); but in this scenario the only thing falling from the cloud is your sensitive data, your IP, your next product blueprint – sound plausible?

Malware is becoming increasingly sophisticated, take for instance the Fireball malware, a high volume Chinese threat operation which has allegedly infected over 250,000,000 computers worldwide.  It acts as a browser highjacker but can be turned into full a functioning malware downloader capable of executing code, stealing credentials and dropping additional malware.

In essence, Fireball is adware, which is not illegal and is deployed using two main methods, firstly via a new kind of monetizing method called bundling where malware is installed alongside a wanted program, often without the user’s consent.  The other is via freeware which ironically may cost you big time in the long run.  Fireball dances the fine line between legitimacy and illegality.  For more detail on this threat click here.

Service Delivery Redefinition

A disruptive innovation brings to market a product or service that perhaps isn’t as good as the best traditional offerings, but is less expensive and easier to use. Online learning is a disruptive technology that is challenging the traditional higher education model and forcing universities to tweak the format and delivery of course content targeted by competitors.

The creation of MOOCs (massive open online courses) attracted large numbers of students accessing courses online for free, with Fortune magazine, estimating that by 2013, over a million people worldwide had enrolled in free online courses.  However, MOOCs have limitations that preclude them from fully replacing a university education and their popularity appears to have declined after their initial expansion.  This may be in part due to the rise of Distributed Open Collaborative Courses (DOCCs), a move to counter MOOCs by the tertiary education sector.  DOCCs which are now available at many universities, utilise a virtual classroom supported by decentralized teaching methods including online resources.  DOCCs have adopted a very similar delivery model to MOOCs in adapting to the needs of current day students and a potentially disruptive threat.

How would you like a Bachelor degree in Health Science, Computer Science or Business Administration for just $4,000?  Sound good?  Sign up with the University of the People which is a non-profit, accredited, online, tuition free university, pay $60 for your application and $200 for each course assessment.  This has proven to be a very effective and popular disruption, evidenced by an increasing number of enrolments.  I’m not sure that this would be the best way to obtain a medical degree, particularly with a surgical specialisation, but for less specialised degrees, the University of the People represents a true innovation in the delivery of tertiary education.

Fourth Industrial Revolution

The fourth industrial revolution is well underway, just in case you missed it!  Artificial Intelligence (AI) is already heavily embedded in our day to day lives – on our iPhones, in the car, the healthcare industry and the manufacturing sector just to name a few.  Some commentators suggest that robots and machine learning is capable of wiping out nearly half the jobs in Australia.   Will it replace you or make you more productive?  PricewaterhouseCoopers economist Jeremy Thorpe said it’s going to completely reshape the Australian jobs market.  He suggests that over the next 20 years approximately 44 per cent of Australia’s jobs, that’s more than 5 million jobs, are at risk of being disrupted by technology, whether that’s digitisation or automation.

From making your flat white to detailed document searches, baristas along with a range of white collar workers may be made redundant by the “rise of the machine”.  Underwriters may be able to take even longer lunches as more productive algorithms crunching big data are better able to predict risks, uncovering relationships that traditional techniques may not pick up.

University staff, particularly administrative staff will probably not be spared as many of these roles could feasibly be performed using AI.  Roles involving creative and sporting endeavour along with social skills are less likely to be swallowed up by robots given their lack of emotional intelligence and dexterity, so becoming a professional sportsperson, researcher or entrepreneur may well be a sound career pathway.

The future however should not be about fear, rather about harnessing the power of AI, increasing productivity and adapting to a brave new world.  It will likely involve a monumental paradigm shift in terms of the way people work, services are delivered, goods are distributed and the manner in which organisations interact with their customers.  What will the strategic plans of 2030 look like?

To Wrap It Up

In summary, what are the key differences between traditional and technological disruption?  In short, traditional disruption tends to be largely linear, there is a beginning and an end, we understand the cause, questions are answerable and bricks and mortar are a large part of the solution.

Technological disruption on the other hand is multi-dimensional, ranging from cyber-attack, to new service models and the rise of artificial intelligence with other dimensions yet to be imagined.  The onset and conclusion of technological disruption is less clear, with  few understanding the true cause and effect of the disruption as the event unfolds.  This leaves many questions unanswered as we scramble to respond and adapt to the disruption which ultimately results in system and process adaptation, rather than asset reconstruction.

Disruption As Usual – Part 3 Organisational Resilience

In the next edition of Disruption as Usual, we take a look at adaptation to disruption through the lens of organisational resilience; what key attributes makes organisations resilient.

A helpful checklist: Unimutual’s Cyber Risk Checklist

More resources from Unimutual:

US$1m cyber ransom paid in South Korea

Four lessons from the US cyber experience

Emerging risk report: Mandatory cyber crime reporting