There is a widely held misconception that cybercrime only affects big companies. In fact, attackers go after smaller operations as well.
Cybercrime is a complex problem. One of the reasons cybersecurity requires a sophisticated, multi-layered approach is that hackers attack in a lot of different ways. A cyber-attack can be as simple as a single fraudulent wire transfer, or as complex as a virus infecting thousands of networked computers.
One of my missions at the moment is to make owners of small to medium sized businesses aware of the risks they face when they’re inadequately protected from cyber-attack.
Your business doesn’t need million-dollar revenues to be an attractive target; cybercriminals have many different ways to make an attack on your company pay.
It’s become such a common problem that most people have heard of ransomware nowadays. Ransomware is malicious software that encrypts a victim’s files or locks them out of their computers so that the criminals can extort a payment for restoring access. But ransomware is just one of a whole host of malware attacks that cybercriminals direct at businesses.
Ransomware is a relatively straightforward attack format; criminals also use malware such as spyware and keystroke loggers to secretly collect and steal information that they can then use for fraud or identity theft.
The most common delivery method cybercriminals use to get malware onto their victims’ computers is email. Innocent-looking attachments on spam messages are loaded with malware so that when the recipient opens them, their computer is infected.
Unfortunately, the malware doesn’t necessarily only affect the computer of the person who actually opens the email. Malware can quickly spread throughout a company and infect multiple machines or even take hold of a company’s server system.
Attackers frequently reach a company’s servers through a worm or virus rather than a direct break-in: someone in the company opens a malicious email, clicks on a link or opens an attachment, and unwittingly releases malware into the company’s entire computer network.
From one machine malicious software can rapidly spread to other machines in the company’s network, and find its way to the servers.
On the MailGuard Blog, we report weekly on breaking email scams and a lot of them are designed to deliver malware via bogus links. It’s exactly this kind of apparently simple email fraud that can be the starting point for a major server attack.
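The two delivery tricks described above (an attachment whose real extension is executable, and a link whose visible text names one site while the href points to another) can both be caught at the mail gateway before a user ever clicks. The following Python is an added example written for this page; it is not MailGuard code. The sample message is constructed, the `.invalid` and `.test` domains are placeholders, and the list of risky extensions is an assumption rather than a complete policy.

```python
import email
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Extensions that commonly carry executable or macro content. This set is an
# assumption of the example, not a complete filtering policy.
RISKY_EXTENSIONS = {
    "exe", "scr", "pif", "com", "bat", "cmd", "ps1", "vbs", "js", "jse",
    "wsf", "hta", "lnk", "iso", "img", "jar", "docm", "xlsm", "pptm",
}

# Constructed sample message (not a real capture): a "pdf" that is really an
# executable, plus a link whose visible text names a bank but points elsewhere.
SAMPLE_EML = """\
From: Accounts <accounts@example-supplier.invalid>
To: payables@example-smb.invalid
Subject: Overdue invoice 4471
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/html; charset="utf-8"

<p>Please settle the invoice via
<a href="http://login.example-bank.invalid.attacker.test/">www.example-bank.invalid</a></p>
--b1
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="invoice_4471.pdf.exe"
Content-Transfer-Encoding: base64

TVqQAAMAAAAEAAAA
--b1--
"""

# Matches something that looks like a host name inside link text.
_DOMAIN_IN_TEXT = re.compile(r"(?:[a-z0-9-]+\.)+[a-z]{2,}")


class _LinkExtractor(HTMLParser):
    """Collect (href, visible text) pairs for every <a> in an HTML body."""

    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href", ""), []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, " ".join("".join(self._text).split())))
            self._href = None


def risky_attachments(msg):
    """Flag attachments whose last extension is executable, noting double
    extensions such as invoice.pdf.exe that hide the real type."""
    findings = []
    for part in msg.walk():
        name = part.get_filename()
        if not name:
            continue
        pieces = name.lower().split(".")
        if len(pieces) > 1 and pieces[-1] in RISKY_EXTENSIONS:
            reason = "executable or script attachment"
            if len(pieces) > 2:
                reason = "double extension hiding an executable"
            findings.append((name, reason))
    return findings


def deceptive_links(msg):
    """Flag links whose visible text claims one host but whose href resolves
    to a different one (a subdomain of the claimed host is accepted)."""
    findings = []
    for part in msg.walk():
        if part.get_content_type() != "text/html":
            continue
        raw = part.get_payload(decode=True) or b""
        extractor = _LinkExtractor()
        extractor.feed(raw.decode(part.get_content_charset() or "utf-8", "replace"))
        for href, text in extractor.links:
            real_host = (urlparse(href).hostname or "").lower()
            shown = _DOMAIN_IN_TEXT.search(text.lower())
            if not shown:
                continue  # text such as "click here" makes no host claim
            claimed = shown.group(0)
            if real_host != claimed and not real_host.endswith("." + claimed):
                findings.append((text, href))
    return findings


def scan_email(raw_message):
    """Parse one RFC 822 message and return both kinds of finding."""
    msg = email.message_from_string(raw_message)
    return {"attachments": risky_attachments(msg), "links": deceptive_links(msg)}
```

Running `scan_email(SAMPLE_EML)` reports the `invoice_4471.pdf.exe` attachment as a double extension and the bank link as deceptive. The extension check deliberately looks only at the final suffix, because that is what the operating system uses to decide how to open the file; the displayed `.pdf` in the middle is there to fool the reader, not the machine.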
Malware attacks on servers can do all kinds of damage to a business, from basic information theft to ransomware incursions and botnets being set up inside the servers.
A network of compromised computers controlled covertly through malware is known as a ‘botnet,’ or a ‘zombie network.’
In order to create a botnet, a hacker must first compromise several computers, infecting them with malware. They can then run automated programs or "bots" on all the systems at the same time.
A hacker may create a botnet for several different purposes, such as spreading malware, sending email spam, or taking servers offline with a distributed denial-of-service (DDoS) attack. Botnets can range from a few computers to many thousands of machines, depending on the requirements of the cybercriminals who build them.
Botnets are very valuable to cybercriminals because they allow them to harness the power of many networked computers remotely.
Often criminals will use malware to set up a botnet and then sell it to another criminal group, so creating botnets can be a very profitable business in itself.
One of the simplest and most common ways for cybercriminals to make money is through social engineering attacks.
Even small companies with minimal tech infrastructure are attractive targets for social engineering scammers.
As the name suggests, social engineering is a type of cyber-attack that exploits personal interaction: phone calls, emails and social media messages are its tools.
Social engineering scammers often go after big scores by targeting the senior people in a company, or by impersonating them. Phishing aimed directly at executives is commonly called ‘whaling’; impersonating an executive to get someone else to move money is known as CEO fraud, a form of business email compromise (BEC).
A CEO fraud attack usually begins with some reconnaissance of the company, with the scammers looking for useful intel such as the names and email addresses of senior managers and details of upcoming transactions. Once they have put together some key data the fraud is initiated, usually with an email that pretends to be from the CEO to a staff member who controls company funds, such as the CFO.
It sounds far-fetched, but scammers regularly pull off scams where they convince executives to release large sums of money to them.
Social engineering is a big numbers game; the scammers just keep sending emails until they get a response.
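The CEO fraud pattern described above leaves fingerprints in the message headers long before anyone reads the body: a display name that matches an executive but an address that does not, a sender domain one or two characters away from the real one, and a Reply-To that quietly redirects the conversation. The following Python is an added example written for this page, not MailGuard code. The company domain, executive directory, payment vocabulary and the two-indicator threshold are assumptions, and the sample message is constructed.

```python
import email
import re
from email.utils import parseaddr

# Assumptions of this example: the company's own domain and a directory of
# executives worth impersonating. A real deployment would load both from the
# mail system or HR directory.
COMPANY_DOMAIN = "example-smb.invalid"
EXECUTIVES = {"jane doe": "jane.doe@example-smb.invalid"}

# Wording typical of payment-diversion requests (illustrative, not exhaustive).
PAYMENT_WORDS = re.compile(r"\b(wire|transfer|bank details|urgent|payment|invoice)\b", re.I)

# Constructed sample (not a real capture): CEO's display name, lookalike domain
# (srnb in place of smb), webmail Reply-To and an urgent payment request.
SAMPLE_EML = """\
From: Jane Doe <jane.doe@example-srnb.invalid>
Reply-To: Jane Doe <jane.doe.ceo@webmail.invalid>
To: cfo@example-smb.invalid
Subject: Urgent wire transfer
Content-Type: text/plain; charset="utf-8"

I'm stuck in a meeting and can't take calls. Please wire $48,500 to the
supplier account below today and send me the confirmation.
"""


def edit_distance(a, b):
    """Levenshtein distance; used to spot lookalike domains (rn for m, 1 for l)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def _normalise_name(name):
    """Lower-case and strip punctuation so 'Jane Doe (CEO)' still matches."""
    return " ".join(re.sub(r"[^a-z ]+", " ", name.lower()).split())


def _text_body(msg):
    chunks = []
    for part in msg.walk():
        if part.get_content_type() == "text/plain":
            raw = part.get_payload(decode=True) or b""
            chunks.append(raw.decode(part.get_content_charset() or "utf-8", "replace"))
    return "\n".join(chunks)


def bec_indicators(raw_message):
    """Return the list of CEO-fraud indicators found in one message."""
    msg = email.message_from_string(raw_message)
    hits = []
    from_name, from_addr = parseaddr(msg.get("From", ""))
    from_addr = from_addr.lower()
    from_domain = from_addr.rsplit("@", 1)[-1] if "@" in from_addr else ""
    _, reply_addr = parseaddr(msg.get("Reply-To", ""))
    reply_addr = reply_addr.lower()

    # 1. Executive's name on the envelope, but not the executive's real address.
    expected = EXECUTIVES.get(_normalise_name(from_name))
    if expected and from_addr != expected:
        hits.append("display name '%s' belongs to an executive but address is %s" % (from_name, from_addr))
    # 2. Sender domain is a near-miss of our own (typosquat or homoglyph).
    if from_domain != COMPANY_DOMAIN and edit_distance(from_domain, COMPANY_DOMAIN) <= 2:
        hits.append("lookalike sender domain %s" % from_domain)
    # 3. Replies are steered to a different mailbox than the one shown in From.
    if reply_addr and reply_addr != from_addr:
        hits.append("Reply-To %s differs from From %s" % (reply_addr, from_addr))
    # 4. The ask is about moving money, usually with time pressure.
    if PAYMENT_WORDS.search(msg.get("Subject", "") + "\n" + _text_body(msg)):
        hits.append("payment or urgency language")
    return hits


def is_suspected_bec(raw_message):
    """Two or more independent indicators is the threshold assumed here."""
    return len(bec_indicators(raw_message)) >= 2
```

On the constructed sample all four indicators fire. A genuine note from the CEO's real mailbox about a payment triggers only the wording check and stays below the threshold, which is the point of requiring more than one signal: header anomalies alone are common in legitimate mail (mailing lists rewrite Reply-To, for instance), and money talk alone is just finance doing its job.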
You can read more about CEO fraud and social engineering in my article ‘Business Owners Hunted...’
Don’t risk losing out to cybercrime
- 43% of cybercrime targets smaller businesses
- 22% of small businesses hit by cyber-attacks are so badly affected they cannot continue operating
- 60% of small businesses that experience a significant cyber breach go out of business within the following six months
Speaking last year at the ASIAL Security Conference in Sydney, the Australian Small Business and Family Enterprise Ombudsman, Kate Carnell, stated:
"Cybercriminals are becoming more sophisticated and small businesses are particularly vulnerable. Cybersecurity needs to be taken seriously… Many small businesses have successfully blended their physical and virtual shopfronts to establish sustainable operating models... Cybercriminals now are attacking small businesses as a result, very, very regularly. They know the big guys have really cool systems and they know the little guys haven't. Many CEOs are actively running the day-to-day business with an office structure around them. As a result, cyber protection is often forgotten.”
If you would like to learn more about solving the complex cybersecurity challenges facing business leaders today, please read my book Surviving the Rise of Cybercrime. It's available to download here.