. >>> NEARLY TWO WEEKS AFTER A MAJOR CYBERATTACK ON A COMPANY THAT PROVIDES SOFTWARE FOR CAR DEALERSHIPS. MANY ARE NOT FULLY FUNCTIONING THE COMPANIES RELY ON CDK GLOBAL FOR SYSTEMS TO HELP RUN THEIR OPERATIONS AND FOR INVENTORY AND CUSTOMER RELATIONS. BUT, SINCE THE RANSOM AWARE ATTACK ON JUNE 19th, SOME CAR DEALER HIS TO REVERT BACK TO OLD OLD FASHIONED WAY, WITH PAPER AND PEN. THEY EXPECT THEM TO BE BACK BY JULY 4th. THEY ESTIMATE THAT FINANCIAL LOSSES FROM THE OUTAGE COULD BE AT LEAST $944 MILLION. AS A RESULT OF BUSINESS INTERRUPTIONS OVER THE FIRST THREE WEEKS. . CHARLES CARMICHAEL JOINS ME NOW, CONSULTING THE ORGANIZATION OF GOGGLE CLOUD. THANK YOU FOR JOINING US. SO, THE OUTAGE, THE CDK CYBEROUTAGE IS STRETCHING INTO THE THIRD WEEK. WHY IS IT TAKING SO LONG TO GET THINGS BACK UP AND RUNNING? >> IT IS INCREDIBLY COMMON FOR ORGANIZATIONS THAT DEAL WITH ENTERPRISE WIDE INTRUSIONS FOR SEVERAL WEEKS, PERHAPS A MONTH OR A FEW MONTHS TO REALLY RECOVER THEIR BUSINESS OPERATIONS. WHAT THEY ARE DEALING WITH RIGHT NOW IS NOT AT ALL UNCOMMON. >> WHAT TAKES SO LONG? CLOSING THE DOOR? >> Reporter: IT IS A COMBINATION OF A FEW THINGS. YOU HAVE TO ENSURE THAT THE THREAT ACTOR NO LONGER HAS ACCESS TO THE ENVIRONMENT. TREMENDOUS AMOUNT OF INVESTIGATIVE WORK TO BE PERFORMED TO FIGURE OUT HOW THEY GOT INTO THE ENVIRONMENT AND DO THEY STILL HAVE ACCESS THE SECOND THING, ORGANIZATIONS NEED TO DO, THEY NEED TO START TO RECOVER THEIR SYSTEMS AND THEIR ENVIRONMENT SO THEY CAN CONTINUE TO RUN BUSINESS OPERATIONS. THAT USUALLY TAKES A FEW WEEKS TO DO THAT. AND FINALLY, THEY NEED TO MAKE SURE THE ENVIRONMENT IS HARDENED ENOUGH SO THEY CAN NOT GET EASILY REHACKED BY THE THREAT ACT OR OR OTHERS THAT MIGHT BE INTERESTED IN DISRUPTING BUSINESS OPERATIONS AND ASKING FOR AN EXTORTION PAYMENT. >> ARE THERE ANY PATTERNS YOU ARE SEEING IN CASES LIKE THIS THAT IT FITS INTO OR IS A NEW ANIMAL? >> Reporter: WE SEE EXTORTION OPERATIONS CONDUCTED AGAINST ORGANIZATIONS OF THE UNITED STATES ALL OF THE TIME. MEDIA RESPONDS TO THOUSANDS. MANY OF THEM RELATE TO DEPLOYMENT OF RANSOMWARE AND ASK OF AN EXTORTION DEMAND FROM THREAT ACTORS AGAINST VICTIM ORGANIZATIONS. WE HAVE SEEN ATTACKS TOWARDS HEALTH CARE, NUMBER OF SUPPLY CHAIN ORGANIZATIONS, BANKING, ET CETERA. THREAT ACTORS ARE LOOKING FOR WAYS TO GET PAID MULTIMILLION DEMANDS BY CONDUCTING THESE TYPES OF INTRUSION OPERATIONS. >> AND, IS IT BECAUSE THE HACKERS ARE GETTING BETTER AT HACKING OR SYSTEMS GETTING WEAKER? OR ARE WE NOT GOOD -- ONE CASE SOMEONE DID NOT HAVE TWO FACTOR AUTHENTICATION THAT IS LAZINESS. >> Reporter: A LOT OF OPPORTUNITIES FOR THREAT ACTORS TO BREAK IN. IT IS DIFFICULT FOR ORGANIZATIONS TO CONTINUOUSLY DEFEND AGAINST THREAT ACTORS. A PROBLEM WE WILL CONTINUE TO SEE AND THREAT ACTORS ARE ABSOLUTELY GETTING BETTER BUT THE GOOD NEWS IS WE ARE ALSO GETTING BETTER FROM DEFENSIVE PERSPECTIVE. I HOPE THAT OVER TIME AS WE SEE MORE ACTIONS BY LAW ENFORCEMENT THAT THE AMOUNT OF INTRUSIONS WILL START TO DECREASE A BIT OVER TIME. >> WHAT CAN BUSINESSES DO TO HARDEN THEIR TARGETS AS IT WERE? >> Reporter: FOCUS ON THE FUNDAMENTALS, MULTIFACTOR IS IMPORTANT FOR DEFENDING NETWORKS. ENGAGE THE GOOD FOLKS TO BREAK INTO THE NETWORK BEFORE THREAT ACTORS HAVE THE ABILITY TO DO THAT. PATCH SYSTEMS, PATCH SOFTWARE. IT IS REALLY CRITICAL AND IMPORTANT. AND, ASSUME THAT ORGANIZATIONS MAY HAVE A LEVEL OF INTRUSION AGAINST THE ORGANIZATION OR AGAINST SYSTEMS AND TRY TO BUILD SOME DEFENSIVE CONTROLS AND VISIBILITY ACROSS THE ENVIRONMENT TO STOP AN ATTACK FROM BEING DISRUPTIVE TO AN ORGANIZATION. >> IS THERE AN ORGANIZATION IF I AM IN A CERTAIN BUSINESS SHOULD I BE MORE CONCERNED THAN ANOTHER? IF SO, WHAT KINDS OF BUSINESSES ARE RIPE FOR TARGETS? >> SO, FROM AN EXTORTION. ANY ORGANIZATION THAT SEVERAL HUNDREDS OF MILLIONS, ULTIMATELY THESE THREAT ACTORS ARE LOOKING TO CREATE ENOUGH BUSINESS DISRUPTION AND COWORSE VICTIMS INTO PAYING USUALLY SEVEN OR EIGHT FIGURE DEMANDS. SO, REALLY THEY ARE OPPORTUNISTIC. HOWEVER, WE HAVE SEEN MUCH MORE TARGETED ATTACKS AGAINST HEALTH CARE ORGANIZATIONS OVER THE PAST SEVERAL MONTHS BECAUSE IT IS
