Cyber threats, data breaches and your tribal company
This article first appeared in Arrowhead’s corporate blog and was modified for our Tribal clients and producers.
Whether your tribal business is large or small, you run the risk of a data breach which grows with the number of employees you have. Granted, insurance cyber threats against smaller companies occur less frequently than attacks aimed at larger ones – but it’s not unheard of for those hackers to focus on you as a backdoor breach into one of your large vendors or partners.
While larger tribal companies’ IT and security groups are well aware of the risk, we find that smaller tribal business owners tend to close their eyes to the problem, hoping to fly under cyber thieves’ radars because of their size. Many will be successful – for awhile. “We don’t have any stored data that cyber thieves would want,” some business owners say. But if you bank online and store employee data and customers’ financial data online, you’re at risk.
As one security expert explained, “When it comes to security breaches, there are two kinds of companies: those that know they’ve been hacked and those that haven’t yet discovered they’ve been hacked.”
“The last five years have shown a steady increase in attacks targeting businesses with less than 250 employees, proving that companies of all sizes are at risk,” Symantec’s 2016 Internet Security Threat Report says. “It’s not just Fortune 500 companies….If there is profit to be made, attackers strike at will.” Security analyses also show that once you’ve been the target of a cyber attack that resulted in a data breach, you have an even greater likelihood of a breach occurring again and again, barring any robust protection you engage.
The vast majority of breaches had been present over 12 months before being detected, says Stephen Brennan, managing partner and global technical consulting lead at CSC. Here are the top six causes of data security incidents last year, according to the second annual Baker Hostetler Data Security Incident Response Report, as reported on PropertyCasualty360.com:
- 31 percent phishing/hacking/malware
- 24 percent employee action or mistake
- 17 percent external theft
- 14 percent vendor
- 8 percent internal theft
- 6 percent lost or improper disposal
In this post we’ll focus primarily on the number one cause; then, in our next post, we’ll cover security suggestions that will cover the other five.
Cyber threats: phishing, spear-phishing or whaling
First, a few definitions. You know what phishing is: tricking unknowing victims into providing usernames, passwords, credit card details, etc. by sending an email with a link to a phony website that looks like the real thing – but isn’t. It’s like fishing with a net: no one in particular is targeted, but the scammer figures he’ll catch one or two. Spear phishing is a little more sophisticated in that the scammer knows a little more about you, and the email looks quite a bit more authentic. These emails can target all your employees, for instance. Then there’s going after the big fish: whaling, which targets executives, using their name, email address, phone number and company name, luring them to a phony website to gain backdoor entry into their systems.
Symantec’s 2016 report mentioned earlier says that last year, 43 percent of spear-phishing attacks targeted small businesses. However, they added, the risk ratio of spear-phishing attacks for small businesses (1-250 employees) is still the lowest: 1 in 40.5. Probably because smaller companies are still – you guessed it – little fish. The risk ratio for medium businesses (251-2,500 employees) is one in 6.8 and for large enterprises (2,500-plus employees), it’s one in 2.7. Yikes.
Some 91 percent of cyber threats start with a spear-phishing email, Symantec said. Who’s most vulnerable? Your sales team. Studies show they’re typically the least aware of what a suspicious email looks like, and the most likely to open and act on it.
Social engineering mimics you
Think of it as a con game: The con man studies his victim, getting to know her, and then persuades her to do something that she wouldn’t otherwise do, because the victim thinks she’s protecting herself.
Read more about how to protect your tribal business from social engineering fraud.
Ploys range from being duped into thinking your computer has been infected with malware, or you’ve accidentally downloaded illegal content – then the con man offers you a solution to instantly fix the bogus problem. But the “fix” actually downloads the malware so hackers can gain access. The three phishing schemes above fall under this loose category, as does something as simple as the hacker, posing as a potential client, leaving a USB thumb drive where you’re sure to find it. You load it onto your computer so that you can figure out who it belongs to, and voila! You’ve installed malware.
Ransomware holds your company hostage
Ransomware is malware that prevents users from accessing files and data on their computer, and threatens permanent encryption or deletion of that data if a specified ransom amount isn’t paid. For individuals and businesses that don’t consistently back up their essential data, the only option is to pay up.
Hackers don’t particularly want to destroy or permanently encrypt the data – they just want quick cash. Historically, the ransom demand has been a relatively small amount, to make payment the easier choice: just pay the nuisance sum and get data access restored quickly. When one of your employees unknowingly clicks on a file or attachment that contains a ransomware virus, it will enter your system and hold it hostage.
Minimize or eliminate your ransomware risk with solid and efficient backup procedures and data restoration plans. With a robust backup system in place, even if your company’s data is encrypted by hackers, that same data is recoverable from your own backup systems.
In our next post we’ll talk more about how your tribal entity can beef up security and train employees to spot these schemes before they infect your system, to protect against cyber threats.
5 types of cyber attacks and how they can affect your business
What are the leading causes of data security breaches?
Is Your Organization Compromise Ready?
Ransomware and Cyber Extortion Are on the Rise – What Can Be Done?
Phishing, Spear Phishing, and Whaling