On June 3, I discussed the perils of not protecting your company’s computer network from cyber attacks. In that article, I focused on the fact that most small business owners, because of their size, assume that they are safe from hackers. As we learned, your company’s size really does not matter to a cyber criminal.
Then in a follow-up to my piece, Tom Farrell posted an article with some very interesting specifics about three reasons why a hacker would target your business’s website. His discussion of “botnets” in that piece was really troubling. The fact that your website might be under attack without you even knowing was equally disturbing.
It now seems like nearly every day we are hearing about major U.S. corporations that are coming under cyber attacks. For instance, earlier this month additional details were released about the Citigroup cyber attacks that took place in May. You may have heard the story. At the time it occurred, Citigroup downplayed the severity of the attacks saying, “its security team identified the attack May 10th and immediately rectified the situation.” However, now we have learned that hackers in May obtained information on 360,083 credit accounts in North America, which is about 80% more than first estimated.
As we have seen, according to the L.A. Times, over the past few months there has been a veritable explosion in online:
“ ‘There’s a boom of online theft, just like there was a boom in train and bank robberies,’ said Amrit Williams, a former security consultant now with behavioral research firm Quantivo Inc. ‘We just don’t have the law enforcement to deal with it in the way that results in an acceptable level of risk.’ ” (emphasis added)
The Wild, Wild West – Part II
The last sentence in the above quote is quite chilling. It is simply frightening to realize that not having enough law enforcement focusing on this area literally leaves it up to each individual company to protect the privacy and critical information of its clients.
In this case, Citigroup eventually contacted all of its affected clients. And fortunately, in this attack it appears that only email addresses and contact information was stolen. However, the impact of the attack will be felt for months as these cyber thieves use stolen email addresses for “phishing expeditions” in an attempt to gather critical information. As Tom discussed in his piece, phishing emails can fool you into providing critical information about yourself and your accounts to online thieves.
Again, the bottom-line here is this: Take every possible precaution you can to protect your networks from attacks. Your customers are entrusting you with their private information. Even if you are a small firm, hackers are constantly looking for any unsecure network that they can hack in order to gain access to emails, contacts, and other private pieces of information.
How to Protect Your Business
If you are unsure on what steps you can take to protect your networks, here are some suggestions we’ve made before:
- At a minimum, make sure that your network is protected by a firewall and keep it updated for protection.
- Purchase one of the many anti-virus software programs available and ensure that your use it on a regular basis to keep your system clean or invest in anti-malware software to operate in conjunction with your anti-virus software.
- Be sure that your Windows software is updated regularly so that you have the latest safeguards available from Microsoft.
- Make sure that your network is password protected and ensure that your employees change their passwords frequently and do not share them.
- If you can afford it, hiring a consultant in network security would be optimal.
Do something to ensure that you are protected. Inaction under the assumption that your size will protect you is not the best plan. And again, the cost to you in rectifying the impact of a cyber attack can be devastating, not to mention the loss of goodwill from your clients if you are ever hacked. So take the time now to ensure your networks are safe. As Citigroup learned, you can never be too diligent.
© 2011All Rights Reserved