[BreachExchange] Hackers and scammers aren't just hitting big businesses, but small ones too

Audrey McNeil audrey at riskbasedsecurity.com
Wed May 9 18:55:21 EDT 2018


We always hear about the data and password breaches that affect millions of
individuals. Mega breaches, like ones that occurred against eBay, Equifax,
Heartland, and TJ Maxx affected over a half-billion consumers.

A prime example was the Sony PlayStation Network hack that saw 77 million
user’s data compromised. This was a backdoor hack, executed against a
single unprotected computer on the end of the network, according to reports.

Underreported has been the plight of small to medium businesses as
enterprising cybercriminals are always looking to exploit the cash reserves
of unsuspecting entrepreneurs and smaller corporations.

In one case, an Australian car dealership lost $7 million dollars after
responding to a phony email. The communication was created to appear as if
it was sent from the company’s CEO and stated an immediate wire was
required in regard to a pending project.

"The actor sort of implied that the dealership manager's promotion would be
on the line if this didn't happen," FBI Agent Ryan Brogan told the
Australian Cyber Security Centre earlier this month.

Hackers have started to study their victim’s businesses in advance by
examining their email communications. This new wave of criminal activity
involving fraudulent high dollar transactions in the form of business email
compromise attacks has victimized numerous businesses via large dollar
transactions. Some individual attacks have even reached into the millions
according to law enforcement agencies.

The single point of failure in many cases is the seemingly innocent opening
of an email. Spamming and Phishing vulnerabilities can be harder to gauge
for very small businesses who may not have the benefit of a full-time IT
department or responsible internal protocols restricting web surfing or the
use of private email on their network.

Spamming allows hackers to coerce a victim to spend money on illegitimate
goods or services. Botnets are responsible for sending the majority of
messages. These often display advertisements for health or security
software that trick people into believing are necessary to clear infections
on their network. Many victims of spam emails with malicious attachments
become susceptible to aggressive ransomware, like WannaCry, which is one of
the countless malware threats that seek to encrypt files and demand ransoms
to supposedly restore the files on an infected computer.

Such threats have become an unfortunate norm in a society that unknowingly
allows cybercrooks and hackers to perpetuate their mass manipulation

Phishing attacks steal a victim’s login and password details, so hackers
can read emails as well as control the victim’s social media, email and
online bank accounts. Phishing is an effective tool for hackers that find
their victims tend to use the same password for multiple accounts.

Where do affected businesses turn in this unfortunate situation? While
cyber insurance is offered by major insurers, many times the actions of
employees or a lack of internal protocols invalidate the insurance policy.
And most Insurers will only cover robust networks that have well-documented
security procedures that are adhered to and audited regularly.

The short-term adversities created by a sudden lack of capital also
presents its own unique set of negative circumstances for companies with a
shortage of cash on hand. A sudden cleaning out of a business's accounts
could cause issues with vendors that would precipitate production delays
and begin the negative domino effect towards a business’s failure.

Smaller businesses that would normally not purchase cyber insurance would
be wise to employ the use of a content gateway that provides content
website scanning and classification.

Network protection from the potentially infectious web is an important
first line of defense. Smaller LLCs and sole proprietorships that don’t
have the capital to afford all the bells and whistles that larger
corporations can access must act responsibly when dealing with web searches
and their personal email accounts.

As long as there is money to be made, hackers will only get better and
continue to find vulnerabilities in even the most sophisticated and
expensive network protection. For smaller businesses, it is of utmost
importance to remain vigilant and aware while conducting online business.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20180509/0f41de61/attachment.html>

More information about the BreachExchange mailing list