Protecting your business from cyber risk begins with understanding the different ways businesses can be compromised. Here are some of the ways.
A beverage distributor has $350,000 stolen. How did it happen? They received what they thought was a phone call from a normal vendor following up with them to place an order. So, they placed their normal order for $350,000 of packing materials and made the payment as directed by the caller. What they did not know was that the phone call was from a hacker. Hackers use information about business partnerships they find on the internet or social media to pretend they are a representative of a company that they are not.
Hackers can gain access to a business’s confidential ordering information by sending an email that looks like it is from one of their normal vendors or customers that contains a link. Once someone in the business clicks the link from a company computer, hackers can gain access to the business’s network, including files and documents. Phishing emails are difficult to detect because they may look credible. Often, they use genuine logos and imagery (copied from the web) and official-looking email addresses where only one letter or digit is different from a genuine email address. Once a hacker has access to company data, they can hold it for ransom (ransomware), sell it to a competitor or another attacker, gather credentials, or observe the company for months or years to gain access to even more valuable data. In these cases, not much can be done to recover money, and it can be difficult to trace the attack back to an individual.
Supply Chain Attack
A hacker will sometimes use a vulnerability in a third-party vendor’s network to access their clients. For example, a large manufacturer allows a third party access to their production planning schedule. If the hacker can obtain access to the third-party vendor’s system through a weak firewall or disgruntled employee, they can then access the larger business’s system that they were really targeting. They could then use malware to harm the larger business’s system or to keep spreading to more of the vendor’s clients. For this reason, it is not only important for a business to ensure their own cybersecurity but also the cybersecurity of businesses they work closely with. This also holds true for any vendors or contractors with physical access to an office, such as janitorial staff or maintenance personnel for utilities.
Cyber Extortion Through Exploitation
A medium-sized trucking company that is known for its reliable service is very busy. The time-crunched office staff forget to update a computer’s operating system with a fix for a major security exploit that was found a month ago. A hacker has been probing different corporate networks and sees that this exploit hasn’t been patched yet. Once the hacker has access to the trucking company’s system, they can steal data on upcoming routes and deliveries, so the trucking company will have none of this data to fuel their normal operations. The hacker will then contact the trucking company and threaten to damage or destroy the data unless the trucking company pays a ransom. This is common with ransomware, where an attacker will encrypt the data and only decrypt it once they have been paid.
These examples illustrate why it is so important for businesses to take precautions and be consistent about cybersecurity. Check out our website for more information and resources.