Cybercrime is on the rise and online bad guys are finding new and innovative ways to profit from network weaknesses. No business is safe, including Connecticut small businesses. In fact, small businesses have become prime targets for hackers and cyber criminals as big companies tighten their security.
Any Connecticut small business can be easy prey for cyber criminals, mostly because SMBs are less focused on security. Consider the startup that lost $1 million in venture funding; the cyber crooks heard about the funding windfall and used malware to monitor the keystrokes on the comptroller's computer to access the company's bank account.
No Business Is Safe
Anyone can be a victim of cybercrime. According to Verizon’s 2016 Data Breach Incident Report (DBIR), no industry or type of business is immune from cyberattacks. All categories of small business suffered some kind of data breach last year, with hotels/accommodations and retailers listed as the small businesses that suffered most. The vast majority of cyberattacks are from external sources and for financial gain. It’s also clear the hackers are becoming more clever since the time it takes to discover a data breach continues to increase. Breach discovery is usually measured in weeks or months rather than hours or days.
There also has been a shift in the nature of cybercrime, especially as it relates to Connecticut small business. Hacking, malware, and phishing are still the biggest threats, but new threats such as ransomware are becoming more prevalent. According to the Verizon report, C2 (command and control) malware that infects a server to maintain network access is the most popular crimeware, followed by ransomware and credentials theft.
Connecticut has seen its share of cybercrime. The New Haven office of the FBI has a team of 14 agents investigating cyber threats. Recently, the local FBI has uncovered a network of computers in Eastern Europe compromising thousands of machines around the world as well as an attempt to hack into electric company accounts. A popular attack in Connecticut is the “man in the middle,” where a message between two trusted parties is intercepted and altered.
Common Types of Cybercrime
Hackers and cybercriminals are increasingly targeting small business as easy pickings, but the methods of attack remain the same. Here are some of the most popular techniques:
A hacker often gains access to a company network by capitalizing on an unpatched software vulnerability that provides access to company data. Hackers usually are looking for personally identifiable information (PII), such as credit card numbers.
Some types of businesses have more valuable data than others. For example, retail businesses store credit card records, but Social Security and medical data are more valuable on the dark web. Credit card data ages quickly since banks are quick to cancel accounts, but Social Security and medical information can be used for identity theft, Medicare fraud, and fraudulent prescriptions.
Software that infects your network and holds your data hostage is called ransomware. Most companies determine it’s less expensive to pay $500 on average to unlock the data rather than lose more money and time trying to remove the malware. For example, Cryptowall, an especially nasty strain of ransomware, is estimated to have cost victims $325 million in 2015 according to RSA. The FBI and other law enforcement agencies actually recommend paying ransomers rather than risk losing their data.
Denial of Service (DoS) Attack
Hackers can bring your network to a standstill using a DoS attack, which floods your network or web server with useless data traffic. A distributed denial of service (DDoS) attack is when a server is attacked by multiple sources. Even if you aren’t a victim of a DoS attack, it’s common practice for hackers to use Trojans to infect small business servers and use them as drones to generate DoS data.
The Human Element
People are generally the weakest link in any business security strategy. Not only do you have to consider spiteful employees, but workers are not security savvy. They tend to share departmental passwords, don’t consider security when remotely accessing systems, and fall victim to phishing attacks where they are tricked into giving up proprietary information. There is also old-fashioned human error, when sensitive data is sent to the wrong party or deleted by mistake.
More people are using their handheld devices for business applications. RCR Wireless reports that 85 percent of corporate enterprises have some form of bring-your-own-device (BYOD) policy for employees. The challenge with BYOD is that it’s difficult to protect mobile devices. RSA reports that there has been a 173 percent increase in mobile fraud from 2013 to 2015, and that 61 percent of all fraud attempts are made from mobile devices. The Verizon DBIR also notes that there has been a decided shift in cyberattack targets from corporate servers to end-user devices, including laptops and smartphones.
Get the Right Security Help
Many Connecticut small business owners are finding that outsourcing their data security helps protect their operations from cyber criminals. The right managed services partner can protect your data and monitor your network for suspicious activity:
- Software updates are the easiest way to reduce attacks. Having an external service provider responsible for keeping business software and operating systems patched and up to date will eliminate many known weaknesses.
- Cloud computing services can protect information assets by moving sensitive data into a more secure server offsite. Data can be isolated and protected in the cloud, making it harder for hackers to access.
- Remote network monitoring can provide a watchful eye on all network traffic, looking for unusual behavior or anomalies that could indicate a cyberattack.
- Secure data backup means you have a clean copy of business-critical data when you need it.
- User authentication and password management are the first line of defense for any computer network, and they can be the most challenging to manage. Managed service providers can help implement authentication protocols and enforce security policies.