Monday, 19 August 2024 Reading time : 3 minutes

Imagine a typical Monday morning. Your co-worker, half-asleep, clicks on an innocent-looking email attachment. Suddenly, screen after screen goes black. That one click has just compromised the digital security of the entire company. As we move into an increasingly digital world, protecting our personal and business data is more important than ever. But cyber-attacks and IT failures continue to make headlines. Let us take a closer look at three examples.

Data breach
Data breaches are a critical security issue where unauthorised parties gain access to sensitive data, including personal information, financial details or proprietary company data. One high-profile victim in 2018 was the Marriott International hotel chain, where a security breach resulted in the data of around 500 million guests falling into the wrong hands. This included sensitive information such as names, addresses and phone numbers, as well as credit card and passport numbers. The hackers were able to easily crack the credit card data because the encryption data was stored on the same server and was also stolen during the theft; most passport numbers were not even encrypted. Hackers can use the personal information for identity theft, fraud and targeted phishing attacks. 

Ransomeware attack
Ransomware attacks are a particularly destructive form of malware that either restricts access to a computer system or encrypts the data stored on, demanding a ransom for its release. An example of this is the NotPetya incident in 2017. However, unlike typical ransomware, NotPetya was designed to cause maximum disruption and damage, making data recovery impossible even after a ransom has been paid. Such attacks are also known as wiper malware, which masquerades as ransomware, but ultimately serves as a sabotage tool.

NotPetya initially targeted Ukrainian companies, but quickly spread globally, hitting international companies such as Maersk and Merck. The consequences were severe: Maersk, for example, experienced serious disruptions to its global shipping operations. The ransomware was installed on a server in Odessa and quickly crippled the entire company. Only a backup at in Ghana, which was cut off by a power outage, allowed the servers to be restored. Maersk reported a loss of around USD 300 million as a result of NotPetya.

Software bug
In today's globally connected world, the risk of software bugs has implications that go far beyond individual technical glitches. This was demonstrated this summer when a routine software update from CrowdStrike, a leading cybersecurity solutions provider, caused a massive system outage. The update affected 8.5 million Windows devices worldwide, causing flights to be cancelled, doctors' appointments to be postponed and TV stations to be taken off the air. This event underlines the need for rigorous software testing and robust contingency plans. It also highlights the dangers of relying too heavily on a few technology providers.

Meanwhile, CrowdStrike's shares are still suffering from the setback and are currently trading at just over USD 260.00. The company has lost a third of its value as a result of the failed update, having reached an all-time high of more than USD 390.00 in early July, around two weeks before the IT breakdown. The future of CrowdStrike is likely to remain uncertain. For example, Delta Air Lines is seeking compensation after having to cancel thousands of flights following the system outages. 

Barrier Reverse Convertible on Crowdstrike
13% p.a. BRC on CrowdStrike
Barrier: 60%
Swiss Security Number: 135804963

Indicative terms

 

Disclaimer
This communication is for marketing purposes. It is neither an offer nor an invitation to submit an offer, to purchase or to subscribe to securities and does not constitute investment advice. You should consult your advisors before making an investment decision. Forward-looking statements are subject to known and unknown risks, uncertainties and other factors that may cause the actual results, financial condition, development or performance of the issuer to be materially different from any future results, financial condition, development or performance expressed or implied by such statements. The present document has not been drawn up by the research department as defined in the rules of the “Directives on the Independence of Financial Research” published by the Swiss Bankers Association, hence these rules do not apply to this document. If securities are mentioned in the communication, the base prospectus, the final terms and any key information document may be obtained free of charge from Zürcher Kantonalbank, Bahnhofstrasse 9, 8001 Zurich, VRIS, and from www.zkb.ch/finanzinformationen.

© 2024 Zürcher Kantonalbank. All rights reserved