This week’s WineDown episode is a quick update on cyber security: what has actually been happening in the last couple of months?
Hacking Isn’t What It Used to Be…
There are a lot of bad things on the internet we need to protect businesses against. When we think of hackers, it’s no longer a lone person in a dark room madly trying to break into your systems. That’s the old way of hacking.
Now, automated tooling does that job for the attacker: scanning, credential guessing and exploitation run around the clock, against everyone, with far less effort per victim.
Hands-on technical intrusions by organised groups are usually aimed at specific targets (e.g., large corporations), where a successful compromise can yield a significant payout.
If your business is genuinely targeted by a nation-state attacker, you’re going to have a very hard time protecting yourself unless you have spent a significant amount of money on effective security. By significant, we mean an amount that is often not realistic for small to medium-sized businesses.
It’s Not All Doom and Gloom
There are much simpler places to start: ransomware/malware and business email compromise (BEC). People may think of these as dull topics, but they are still two of the most lucrative approaches around to date.
Malware can hide in encrypted (TLS) traffic and pass straight through a firewall that isn’t inspecting it. Make sure your firewall is inspecting encrypted traffic; note that this requires the firewall’s inspection certificate to be trusted on your endpoints, so plan the rollout.
Traditional signature-based anti-virus is not sufficient. You should be using more advanced endpoint protection (often sold as endpoint detection and response, or EDR) that looks at behaviour, not just known file signatures.
Domain Name System (DNS) filtering blocks name lookups for newly registered or known-bad domains, so a user who clicks a malicious link never reaches the site in the first place.
Attack Surface Reduction (ASR) means limiting the number of things that can be attacked (exposed services, unneeded software, macro-enabled documents), which removes many of the paths malware uses to get in.
Runtime checking (application allowlisting) checks whether code is known to be good and only allows previously classified “good-ware” to execute on a machine; anything unclassified is blocked rather than trusted by default.
No single one of these is enough on its own. You need a multi-layered approach.
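To make the DNS filtering layer concrete, here is an added example (not code from the original post) of the policy a DNS filter applies: block lookups for known-bad domains and for domains registered within the last 30 days, and allow the rest. The query log lines, the blocklist and the registration dates are all constructed for illustration; in a real deployment the registration date would come from a WHOIS/RDAP lookup or a threat-intelligence feed, and the domain names used here are hypothetical.

```python
"""DNS filtering policy: block known-bad and newly registered domains.

Added example, not from the original post. Log lines, blocklist and
registration dates are constructed; domain names are hypothetical.
"""
from datetime import datetime, timedelta, timezone
from typing import List, Optional, Tuple

# Constructed blocklist of known-bad domains (hypothetical names).
KNOWN_BAD = {"malware-cdn.example", "evil.test"}

# Constructed stand-in for WHOIS/RDAP creation dates (hypothetical).
REGISTERED_ON = {
    "example.com": datetime(1995, 8, 14, tzinfo=timezone.utc),
    "invoice-portal-login.example": datetime(2024, 5, 1, tzinfo=timezone.utc),
    "malware-cdn.example": datetime(2023, 1, 2, tzinfo=timezone.utc),
}

# Domains younger than this are treated as suspicious ("newly registered").
NEW_DOMAIN_WINDOW = timedelta(days=30)


def registrable_domain(name: str) -> str:
    """Return the last two labels of a name.

    Simplification for the example: a real filter uses the public suffix
    list so that names under suffixes such as co.uk are handled correctly.
    """
    labels = name.rstrip(".").lower().split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else labels[0]


def classify(name: str, queried_at: datetime) -> Tuple[str, str]:
    """Return (verdict, reason) for one queried name."""
    labels = name.rstrip(".").lower().split(".")
    # A blocklist entry covers every subdomain beneath it, so test the
    # queried name and each parent down to the two-label apex.
    for i in range(len(labels) - 1):
        candidate = ".".join(labels[i:])
        if candidate in KNOWN_BAD:
            return "BLOCK", f"known-bad domain {candidate}"

    apex = registrable_domain(name)
    created: Optional[datetime] = REGISTERED_ON.get(apex)
    if created is None:
        # Fail closed: no registration data is itself suspicious. Relax to
        # log-only while tuning if this produces too many false positives.
        return "BLOCK", f"no registration data for {apex}"
    age = queried_at - created
    if age < NEW_DOMAIN_WINDOW:
        return "BLOCK", f"{apex} registered {age.days} days ago"
    return "ALLOW", f"{apex} registered {age.days} days ago"


def filter_log(lines: List[str]) -> List[Tuple[str, str, str, str]]:
    """Apply the policy to log lines of the form
    '<ISO-8601 time> <client IP> <record type> <queried name>' and return
    (client, name, verdict, reason) for each."""
    results = []
    for line in lines:
        ts, client, _rtype, name = line.split()
        queried_at = datetime.fromisoformat(ts.replace("Z", "+00:00"))
        verdict, reason = classify(name, queried_at)
        results.append((client, name, verdict, reason))
    return results


# Constructed sample query log (hypothetical clients and names).
SAMPLE_LOG = [
    "2024-05-06T10:01:02Z 10.0.0.5 A www.example.com",
    "2024-05-06T10:01:09Z 10.0.0.5 A cdn.malware-cdn.example",
    "2024-05-06T10:02:30Z 10.0.0.7 A invoice-portal-login.example",
    "2024-05-06T10:03:11Z 10.0.0.9 A a.b.evil.test",
]

if __name__ == "__main__":
    for client, name, verdict, reason in filter_log(SAMPLE_LOG):
        print(f"{client:10} {verdict:5} {name:32} {reason}")
```

The newly-registered check is the part that catches phishing infrastructure a blocklist has not seen yet, because most lure domains are registered days before they are used. Run it and the second, third and fourth queries are blocked for three different reasons, while the long-established domain is allowed.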
BEC: The Rise and Expensive Damaging Effect
A Business Email Compromise, or BEC, is a type of scam where an attacker takes full control of a business email account after obtaining the user ID and password (typically through phishing or a reused password). This lets them act as you, the business owner, from your real mailbox, so nothing about the message looks forged.
One common BEC method is to send an email to the finance team asking for a specific invoice to be paid quickly, often to new bank details. Yes, it happens, and it works.
Unfortunately, the rise in business email-based attacks is still doing damage. The FBI put out a statement this week saying that $43B had been lost to this approach. That’s a lot of money.
A Way Forward
The last thing you want is to find yourself falling victim to a cyber-attack. So, how can you protect your business from BEC scams?
Train people in the business in security awareness, so that an urgent payment request triggers suspicion rather than action.
Use Multi-Factor Authentication to protect accounts, so a stolen password alone is not enough to take over a mailbox.
Don’t send funds to unknown destinations.
Ask for proper written verification of any account detail change, and confirm it with the organisation you are paying using the contact details you already hold for them, never the ones supplied in the email that asks for the change.
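The last two points can be enforced as a gate in the payment process rather than left to judgement on the day. The following is an added example (not code from the original post) of such a gate: a change of supplier bank details is approved only if it is confirmed in writing and verified by a call to the number already on file for that supplier, and a payment to an unknown payee or an unverified account is refused. The vendor records and change requests are constructed, and all names, account numbers and phone numbers are hypothetical.

```python
"""Payment-detail change gate for BEC defence.

Added example, not from the original post. Vendor records and requests
are constructed; names, accounts and numbers are hypothetical.
"""
from dataclasses import dataclass, field
from typing import Dict, Optional, Set, Tuple


@dataclass
class Vendor:
    """Supplier master record. phone_on_file comes from the signed
    contract or onboarding paperwork, never from an email."""
    name: str
    known_accounts: Set[str]
    phone_on_file: str


@dataclass
class ChangeRequest:
    """A request to pay a vendor into a new account, as received by finance."""
    vendor: str
    new_account: str
    # Callback number offered in the email itself. Attackers include one so
    # that a "verification call" reaches them; it must never be used.
    callback_number_in_email: Optional[str] = None
    written_confirmation: bool = False
    verified_by: Optional[str] = None          # staff member who made the call
    verified_on_number: Optional[str] = None   # number actually dialled


def approve_change(directory: Dict[str, Vendor], req: ChangeRequest) -> Tuple[bool, str]:
    """Decide whether the new account may be paid. Returns (approved, reason)."""
    vendor = directory.get(req.vendor)
    if vendor is None:
        return False, "unknown payee: no vendor record on file"
    if req.new_account in vendor.known_accounts:
        return True, "account already on file"
    if not req.written_confirmation:
        return False, "no written confirmation of the change"
    if req.verified_by is None or req.verified_on_number is None:
        return False, "no out-of-band verification performed"
    if req.verified_on_number != vendor.phone_on_file:
        # The classic failure: the caller dialled the number in the email.
        return False, ("verification used a number not on file "
                       f"({req.verified_on_number}); call {vendor.phone_on_file}")
    return True, f"new account verified out of band by {req.verified_by}"


# Constructed vendor directory (hypothetical).
DIRECTORY = {
    "Acme Widgets Ltd": Vendor("Acme Widgets Ltd", {"GB11ACME00000001"}, "+44 20 7946 0001"),
}

if __name__ == "__main__":
    requests = [
        ChangeRequest("Acme Widgets Ltd", "GB11ACME00000001"),
        ChangeRequest("Acme Widgets Ltd", "GB99FRAUD0000042",
                      callback_number_in_email="+44 20 7946 0999",
                      written_confirmation=True, verified_by="j.smith",
                      verified_on_number="+44 20 7946 0999"),
        ChangeRequest("Acme Widgets Ltd", "GB22ACME00000002",
                      written_confirmation=True, verified_by="j.smith",
                      verified_on_number="+44 20 7946 0001"),
        ChangeRequest("Totally Real Supplier", "GB33NEW000000001"),
    ]
    for r in requests:
        ok, why = approve_change(DIRECTORY, r)
        print(f"{'APPROVE' if ok else 'REFUSE '} {r.vendor:24} {r.new_account:18} {why}")
```

The second request is the BEC case the post describes: paperwork is in order and somebody did make a call, but to the number the attacker supplied, so the gate refuses it. Recording who verified and which number was dialled also gives you an audit trail when a change is later questioned.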
While these are some effective approaches to enhancing your business security, it’s often better to work from a security framework that covers multiple areas, so that nothing is left out simply because nobody thought of it.
If you’re starting out with security, you may find your business sitting at security “level one” in every area. That’s ok. The important thing is to continually improve over time. Each month or quarter, choose an area and implement solutions to address the concerns it covers. Over time, you will gradually raise your security posture.