While headlines have focused on the COVID-19 pandemic, another crisis has been brewing: cybercrime.
In March, Kentucky Attorney General Daniel Cameron issued a consumer alert for businesses using onsite Microsoft Exchange Servers. A nation-state attacker called Hafnium is gaining access to sensitive information and data by exploiting organizations that use the system. Cybercriminals who access the information may encrypt it for ransom, execute a destructive attack, or sell it on the dark web, he said.
Cybercriminals are busy finding new ways to attack. Late last year, a Belgian researcher figured out how to hijack the firmware in a Tesla Model X so the key fob could be duplicated. All he needed was $195 in parts and to be within 5 meters of the owner’s key fob for 90 seconds. Three minutes later, the hacker had his own key fob and could control the car.
Another example: A vulnerability was found in a Qualcomm chipset that is installed in over 100 million cell phones. This vulnerable code allows software to be installed on the phone that cannot be detected or uninstalled.
Many people hear these stories and think, “It won’t happen to me. My company is safe.” But the statistics tell a different story: One out of every four companies is being breached, making cybercrime one of the top three threats to global security.
With business losses crossing the $1 trillion mark, and total costs exceeding $3 trillion, cybersecurity is now one of the largest industries in the world. Many companies have allowed users to work remotely and outside the protection of corporate networks and firewalls. Many of these users have migrated to personal computers, either out of necessity or because the available corporate equipment wasn’t as fast or functional. This combination of reduced corporate security and personal systems (including many home-based devices) has given the cybercriminals a huge opportunity, and they are taking full advantage of it.
So, what are the primary threats and how do we protect ourselves?
• Social engineering and phishing emails: Most of us have received an email from a long-lost relative in Malaysia who wants to give us money. We have learned not to click on those emails, but these days, hackers are crafting more sophisticated messages. IT teams can install content filters that prevent most of these messages, but it’s very important to stay diligent and carefully read emails before responding or clicking any link.
• Stolen passwords: Between personal and business systems, the average person will have up to 76 systems that require a password. On average, 158 passwords are stolen every second, so if you use the same password for everything, you are asking for problems. Make sure to use different passwords for home and work systems, and whenever possible, use different passwords for all financial and business systems. A password management tool can help.
• Ransomware/extortion: Hackers use multiple methods to inject ransomware and they are succeeding at an alarming rate: A network is breached approximately every 11 seconds. They break into a website and change the content or encrypt data on the network, and they hold your data hostage until you pay. The latest trend is to offer to keep your data off the dark web, for a steep fee. If you don’t pay and they post your client information online, you risk reputation damage. A word of caution: They don’t always return the data after you pay the ransom. Protect yourself by using strong passwords and multifactor authentication, and always back up your data.
• Malware and malware-injecting devices: Malware gives hackers access to your data. These cybercriminals can steal your data, encrypt it, or watch your keystrokes to obtain passwords so they know how to mimic you for future attacks. The best way to protect yourself is to limit access. Don’t ever plug a USB drive into a computer if you aren’t sure where it came from. Also, be cautious when using unsecured Wi-Fi.
• Missing security patches: A new client recently approached us because their IT staff failed to patch a very expensive piece of hardware. The mistake proved costly. Hackers heard about the patch release and looked for unpatched hardware, uncovering the company’s error and taking advantage of the lack of security. Remember, if one of your hardware or software vendors announces a patch, everyone knows about it, even hackers. Protect your investment and load patches.
Stay vigilant. The two mindsets that cause trouble quicker than anything else are complacency and indifference. If you lead a team, make sure everyone receives training on how to protect themselves and identify potential issues. Everyone needs to be part of the security team.
Remember: It is better to be proactive in prevention that reactive in repair.
Jim Kramer is a partner at MCM
Kramer Technology Solutions, part
of MCM CPAs and Advisors.