Many companies are frugal with their cyber security. “It can never happen to us, we are too small” “It’s not in the budget this year, we will look at it next year”.
The fact is: everyone is vulnerable. It is an often quoted fact that 60 percent of all small to medium sized businesses that are a victim of a cyber attack fail to recover and shut down within 6 months.
As we talk to businesses on a daily basis, we hear similar, unfortunate stories: “Our server was infected by malware and we lost a lot of data”. “We were hit by a virus and had to re-install all our PCs”.
It is difficult to quantify the cost of lost productivity, lost data, and lost reputation. Some costs can never be recovered.
It is so easy for a user to click on an attachment in an email and infect an unprotected or badly protected workstation. Once installed, the malware can spread to the entire organization if:
- the Servers and workstations are not adequately protected, secured and patched;
- centralised alerting does not pick up on anomalies and raise awareness;
- users are not aware of, or do not report signs of malfeasance.
Recent trends show that the most prevalent form a of malware is crypto-jacking, where malware is installed on company servers and workstations and starts to consume resources, increase power consumption, and slow computers down – all to make money for cyber criminals by using this hardware to mine for cryptocurrencies. There is nothing stopping this malware from also receiving and sending other data to criminals. Once installed on a computer, malware usually has unrestricted access to the computer as well as the internet, and can communicate at will.
Another current trend in cyber attacks is BEC (Business Email Compromise). Employee accounts are compromised by phishing, keylogging malware, or similar. Once attackers have control of a high level account, they use it to “request and authorize” a change in supplier details where clerks amend the banking details of suppliers. This translates into future payments that are made into criminal bank accounts. Besides these challenges, personal information can be stolen from compromised HR personnel and be used to gain identities and financial gain from innocent 3rd parties.
According to Trend Micro, 5 common business email compromises are:
- The Bogus Invoice Scheme
- Companies with foreign suppliers are often targeted, wherein attackers pretend to be the suppliers requesting fund transfers for payments to an account owned by fraudsters.
- CEO Fraud
- Attackers pose as the company CEO or another senior executive and send an email to employees in finance, requesting them to transfer money to the account they control.
- Account Compromise
- An executive or employee’s email account is hacked and used to request invoice payments to vendors listed in their email contacts. Payments are then sent to fraudulent bank accounts.
- Attorney Impersonation
- Attackers pretend to be a lawyer or someone from the law firm supposedly in charge of crucial and confidential matters. Normally, such bogus requests are done through email or phone, and during the end of the business day.
- Data Theft
- Employees in HR and Finance are targeted to obtain personally identifiable information (PII) or tax statements of employees and executives. Such data can be used for future attacks.
Cyber security involves multiple layers of protection. At Cyberfenders, we advise to start with:
- Protecting the digital border and entry points.
- Putting policies and procedures in place to mitigate threats.
- Educating users to identify and report threats. An informed user can protect company and personal interests.
- Monitoring for change.
Data is the new oil. It underpins business operability, market competitiveness, and is pivotal for individuals to function in society. There’s never a gap time to delay a solid cyber defence plan and supporting operations. With this mindset, there’s only a “too late” time.