Most of us are content to view the nightly news as something that happens to “other people,” but when a story like the Target breach arises, those of us who shop at Target sit up and take notice. But it’s not just the “big” attacks on large companies like Target or Anthem or Sony Pictures that should concern the average news viewer. While these stories attract a lot of national attention, it might surprise you to learn that cyber attacks are far more common in the small to medium business sector.
In fact, in 2014, 60% of all targeted attacks struck small- and medium-sized organizations. What’s more, upwards of 60% of those businesses close their doors within six months after an attack. When you consider those facts, it becomes clear that small business needs to pay attention to online security, and now.
A Matter of “When”
Many small businesses believe that because of their size, hackers aren’t interested in them, preferring instead to target big businesses with lots of customer and banking information. In the not-too-distant past this might have been true, but hacking methods today are quite different; automated attacks can scour the Internet for unsecured computers with minimal effort on the part of the cybercriminals behind them. Once compromised, a computer can be mined for its sensitive information, infected with malware that will spread, and even be put into service as part of a botnet – a remotely-controlled network of computers used to infect other machines.
Most businesses recognize that they need to do something to protect themselves and the sensitive information their computers hold. Traditionally, this has taken the form of erecting defense mechanisms designed to keep the bad guys out. Firewalls, spam blockers, and antivirus software do provide layers of protection against intrusion, but they do little to protect data once an attacker inevitably breaks through those defenses. Make no mistake – the volume and variety of threats out there have changed the risk of being hacked from “if” to “when.”
What Cyber Attacks Look Like Today
In its 2014 Internet Security Threat Report, Symantec reports that it observed attackers using several methods, including:
- Deploying legitimate software onto compromised computers to continue their attacks without risking discovery by anti-malware tools
- Leveraging a company’s management tools to move stolen intellectual property (IP) around the corporate network
- Using commonly-available crimeware tools to disguise themselves and their true intention if discovered
- Building custom attack software inside their victim’s network, on the victim’s own servers
- Using stolen email accounts from one corporate victim to spear-phish their next corporate victim
- Hiding inside software vendors’ updates, in essence “Trojanizing” updates, to trick targeted companies into infecting themselves
- Using ransomware to turn extortion into a profitable enterprise
- Leveraging social networks and apps to do their dirty work
Lest you forget that there are myriad ways a hacker can gain access to your business, take a look at the typical points of attack exploited by cybercriminals:
- Networks – hubs, switches, and routers that move information from place to place
- Web – Criminals are taking advantage of the technology and infrastructure that legitimate ad networks have created to distribute malicious attacks and scams.
- Social Media & Messaging Platforms – Watering Hole, Spear-phishing
- Servers and Workstations (including email) – Ransomware, Phishing, Viruses, Denial of Service
Cyber Security Best Practices We Need to Be Doing Instead
While no security system is 100% ironclad, there are industry standards and best practices that can significantly reduce the havoc wrought by a hacker who gets around your first layer of defense.
- Employ defense-in-depth strategies – multiple, overlapping, and mutually supportive systems to monitor the network for intrusion attempts and vulnerabilities
- Antivirus on endpoints
- Use encryption to secure sensitive data
- Ensure all devices allowed on the company network have adequate security protections
- Implement policies on such things as removable media
- Update operating systems, firmware, and applications religiously
- Enforce effective password policies
- Ensure Backup & Disaster Recovery solutions are in place & periodically tested
- Restrict email attachments
- Educate users on basic security protocols
- Inventory authorized and unauthorized devices
- Inventory authorized and unauthorized software
- Secure hardware/software configurations on servers, workstations, network & Wi-Fi equipment
- Continuously assess and remediate vulnerabilities
- Establish a malware defense – SaaS solutions
- Control administrative privileges and access to sensitive data
- Monitor accounts
- Safeguard against single points of failure
The unfortunate fact of today’s increasingly connected world is that anyone’s information can be compromised at any time, despite security precautions that may be in place. It might seem counter-intuitive for cybercriminals to target small business when there are vast stores of information at larger companies, but often a small business will offer up a tidbit of information that can be used in a larger-scale attack. Additionally, small businesses often have limited resources available in the fight against cybercrime, making them easier targets.
If you’re a small- to medium-sized business, the information above might seem overwhelming, particularly if you don’t have an in-house IT department. Don’t let that stop you from seeking IT security for your business. Businesses like Lieberman Technologies exist to assist small and midsize businesses with their IT needs, including developing a security plan that helps protect your network and your data. If you’re not sure your network is as secure as it can be, conducting an assessment of your current environment is a good place to start.