We’ve talked about some of the more common threats that every business needs to watch for, but how dangerous is the web today, and how much risk does the current IT landscape really carry?
Today we’ll talk about a few of the most widespread threats that need your attention.
Windows End of Life
When it first came out, Windows 7 was very popular. For many businesses it was the best, or only, OS that would run their essential software. When support officially ended in January of 2020, it left a lot of people open to attack. According to some estimates, as many as 22% of all PCs were still running Windows 7 in April of 2021! Sadly, it isn’t the only Windows product still in use that puts people at risk. Windows Server 2012 is another operating system rapidly approaching end of life, currently set for October of 2023. Servers still on that release are already at risk from the age of the hardware alone, and the data on them will be even more exposed once patches stop arriving at the deadline.
In case you weren’t aware, the single largest reason for upgrading is security. Once Microsoft stops shipping security updates for these systems, every newly discovered vulnerability stays unpatched forever, and it’s just a matter of time before your system becomes an easy target. While antivirus software helps reduce the danger from malware, you can’t rely on it to mitigate the known, unfixable weaknesses of an unsupported OS.
Marriott’s Data Breach
Don’t think hackers only target little old ladies on 15-year-old computers. Marriott Hotels was fined heavily for a breach that exposed the personal information of over 332 million customers. Even though it can be argued that the hotel chain was itself a victim, it is still responsible for what happens on its servers. What makes this even scarier is that, although the company spends quite a bit on security, it didn’t detect the breach until September of 2018, nearly four years after the intrusion began.
Marriott suffered another hack in January of 2020 that affected around 5.2 million guests, and reported yet another breach in June of this year. This goes to show that the amount spent on security tooling means nothing unless it is well implemented and actively monitored.
While not excusable, it’s at least understandable why someone would want to hack a business: money. But if you’re a medical or charitable organization, you should be fine, right? Not so fast! In Europe and Asia, hackers compromised tens of thousands of records from organizations ranging from charities for abused children to HIV clinics. Here in the US, at least 145,000 individuals seeking treatment for addiction at various facilities had their information stolen from a single server. One would think that even hackers would have some sense of decency, but as the saying goes, “There’s no honor among thieves.”
As if ransomware weren’t nasty enough to deal with, hackers have found new ways to make it more lucrative. Last year, attackers began performing triple extortion attacks. Originally, hackers simply encrypted data and held it for ransom until they were paid. In response, companies started keeping backups so they could restore their data without paying. Hackers adapted by exfiltrating data before encrypting it, giving us the double extortion attack: pay up, or the stolen data gets published. In a triple extortion attack, the criminals also demand money from third parties, such as customers or partners, who would be harmed if the data were disclosed.
We all miss the good old days when a backup was all you needed to recover from a malware attack, but it has only become more apparent that the appropriate steps need to be taken to avoid falling for an attack in the first place.
In recent years, one of the biggest trends in ransomware is the targeting of specific industries. Why is this so scary? Well, the most dangerous enemy is someone who knows how to hit you where it hurts most. LockerGoga, for example, was used to cripple manufacturing firms by knocking their automation systems offline. That disruption goes straight to the heart of a manufacturer’s efficiency: it forced many companies to switch to manual operations and led to a global IT outage for others. Some variants of the malware were so disruptive that they completely shut down computers and locked users out. This kind of attack strongly incentivized victims to pay the ransom, and it also made it easier for the attackers to raise their prices.
While a free tool is now available to decrypt networks and devices hit by LockerGoga, the ransomware cost more than 1,800 people and institutions in 71 countries an estimated $104 million in damages. LockerGoga is an example of how cybercriminal tools are only becoming more effective and ruthless as time goes on. These tools are also becoming more widely available as RaaS (Ransomware as a Service) grows in popularity. It is only getting easier for hackers to do their worst.
Not Even Your Donuts Are Safe
Dunkin’ Donuts is still paying for a pair of attacks on its DD Perks loyalty accounts, first seen in 2015 and again in 2018. In this case, the information wasn’t that sensitive, mostly related to the rewards program, but it goes to show that very little information can be considered untouchable. The data went right onto the Dark Web for the highest bidder to purchase. This may not seem like a problem until you read between the lines. The data included usernames and passwords, which wouldn’t matter much if the only thing at stake were the free cup of coffee you earned. However, since many of us reuse the same username and password across accounts, it can be just a matter of finding out what other services you use before the thieves gain access to your most critical information.
Dunkin’ Donuts was fined years later for negligent security practices regarding customer information. Suspicious activity related to the breach was reported in 2015, but nothing was done about it. That inaction led to the larger loss of account data that came later. New laws enforcing specific security practices led to large fines and an extensive remediation plan for Dunkin’ Donuts to follow. It was still too little, too late for the credentials already stolen and sold, unfortunately.
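To make the “suspicious activity” point concrete: when attackers replay username and password pairs stolen from another site (credential stuffing), the authentication log shows one source address cycling through many different accounts with a low but non-zero success rate, which looks nothing like a legitimate user fumbling their own password. The following is an added example, not code from the article or from Dunkin’, that flags that pattern over a few constructed log lines. The log format, the IP addresses, the usernames and the thresholds are all assumptions made for the example.

```python
"""Flag credential-stuffing patterns in an authentication log.

Added example, not the article's or any company's code. Log lines are
constructed here in a hypothetical "timestamp ip user result" format.
"""
from collections import defaultdict
from datetime import datetime

# Constructed sample: one source hits ten different accounts in six seconds
# (two succeed), another is a single user retrying their own password.
SAMPLE_LOG = """\
2024-03-01T10:00:01 203.0.113.7 alice FAIL
2024-03-01T10:00:02 203.0.113.7 bob FAIL
2024-03-01T10:00:02 203.0.113.7 carol FAIL
2024-03-01T10:00:03 203.0.113.7 dave OK
2024-03-01T10:00:04 203.0.113.7 erin FAIL
2024-03-01T10:00:05 203.0.113.7 frank FAIL
2024-03-01T10:00:05 203.0.113.7 grace FAIL
2024-03-01T10:00:06 203.0.113.7 heidi FAIL
2024-03-01T10:00:06 203.0.113.7 ivan OK
2024-03-01T10:00:07 203.0.113.7 judy FAIL
2024-03-01T10:05:00 198.51.100.9 alice FAIL
2024-03-01T10:05:30 198.51.100.9 alice FAIL
2024-03-01T10:06:00 198.51.100.9 alice OK
"""


def parse_line(line):
    """Split one log line into (timestamp, ip, user, succeeded)."""
    ts, ip, user, result = line.split()
    return datetime.fromisoformat(ts), ip, user, result == "OK"


def detect_credential_stuffing(log_text, window_seconds=60, min_users=5,
                               max_success_ratio=0.5):
    """Return {ip: summary} for sources that tried at least `min_users`
    distinct accounts inside a sliding time window with a success ratio no
    higher than `max_success_ratio`. A high success ratio is more likely a
    shared NAT address with real users behind it, so it is not flagged."""
    events = defaultdict(list)
    for line in log_text.splitlines():
        if line.strip():
            ts, ip, user, ok = parse_line(line)
            events[ip].append((ts, user, ok))

    findings = {}
    for ip, evs in events.items():
        evs.sort()
        best = None
        start = 0
        for end in range(len(evs)):
            # Advance the window start until the window fits in window_seconds.
            while (evs[end][0] - evs[start][0]).total_seconds() > window_seconds:
                start += 1
            window = evs[start:end + 1]
            users = {u for _, u, _ in window}
            if len(users) < min_users:
                continue
            successes = [u for _, u, ok in window if ok]
            if len(successes) / len(window) > max_success_ratio:
                continue
            # Keep the widest qualifying window so the summary is complete.
            if best is None or len(window) > best["attempts"]:
                best = {
                    "attempts": len(window),
                    "distinct_users": len(users),
                    "successes": len(successes),
                    # Accounts that accepted the replayed password: reset these.
                    "likely_compromised": sorted(set(successes)),
                }
        if best:
            findings[ip] = best
    return findings


if __name__ == "__main__":
    for ip, summary in detect_credential_stuffing(SAMPLE_LOG).items():
        print(ip, summary)
```

The accounts listed under likely_compromised are the ones whose reused password was accepted; those are the credentials to reset and the users to notify, which is exactly the follow-up that never happened in the Dunkin’ case.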
Your Staff is your Biggest Risk
We all know that hackers and other criminals are working hard to find ways into your business. Their job gets much harder if your employees are trained regularly to recognize cyber threats. By some estimates, employees unintentionally cause about 88% of all malware infections. BEC (Business Email Compromise) schemes remain as popular as ever. It is estimated that over 3.4 billion phishing emails are sent every day. Phishing attacks are only increasing, and the lures are getting harder to spot: attackers now reach out over social media and text messages as well, so the surface on which an employee can make a mistake grows every year.
Risks have also risen as we have shifted to more remote work. Companies used to protect data by restricting access by device type and location. Now many have moved to a hybrid workforce, and remote workers access information from anywhere. Employers struggle to enforce safe network practices when employees use risky free Wi-Fi connections, and others do work on personal, unprotected devices. Any sensitive data of yours, or your clients’, that employees can reach remotely may be exposed through smartphones, tablets, and laptops. And we won’t even start on poor password management.
Though we wish otherwise, we don’t live in a safe world. It seems that around every corner someone is trying to breach computer systems to mine any tiny morsel of value. The most important lesson is to never let your guard down. Don’t assume there’s something special about you that makes you invulnerable or unattractive to a potential data pirate. As long as there is a single penny to be made, someone will jump at it.
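Training helps, but the same checks a trained employee makes by eye can be applied mechanically before the message reaches the inbox. As an added example, not the article’s or any vendor’s code, here are three of the header checks used against BEC lures: a known executive’s display name arriving from an outside domain, a lookalike of the company domain built from character substitutions or an extra subdomain, and a Reply-To that steers replies to a different domain than the From address. The company domain, the executive names and the sample headers are assumptions constructed for the example.

```python
"""Flag common BEC sender tricks in From / Reply-To headers.

Added example, not the article's code. COMPANY_DOMAIN, EXECUTIVES and the
sample headers are assumptions constructed for the demonstration.
"""
from email.utils import parseaddr

COMPANY_DOMAIN = "example.com"            # assumption: our own domain
EXECUTIVES = {"jane doe", "john smith"}   # assumption: names worth impersonating

# Character sequences that look like another letter in many fonts.
HOMOGLYPHS = {"rn": "m", "vv": "w", "0": "o", "1": "l", "3": "e", "5": "s"}


def normalize(domain):
    """Collapse common homoglyph substitutions so 'exarnple' reads 'example'."""
    d = domain.lower()
    for fake, real in HOMOGLYPHS.items():
        d = d.replace(fake, real)
    return d


def edit_distance(a, b):
    """Levenshtein distance; one dropped or swapped letter is a typosquat."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def is_lookalike(domain):
    """True for domains that imitate COMPANY_DOMAIN without being it."""
    domain = domain.lower()
    if domain == COMPANY_DOMAIN:
        return False
    if COMPANY_DOMAIN in domain:            # example.com.evil.net
        return True
    if normalize(domain) == COMPANY_DOMAIN:  # exarnple.com, examp1e.com
        return True
    return edit_distance(domain, COMPANY_DOMAIN) <= 1   # exmple.com, example.co


def domain_of(address):
    return address.rsplit("@", 1)[-1].lower() if "@" in address else ""


def assess_sender(from_header, reply_to_header=None):
    """Return a list of reasons the sender looks like a BEC attempt (empty if clean)."""
    name, addr = parseaddr(from_header)
    domain = domain_of(addr)
    reasons = []
    if is_lookalike(domain):
        reasons.append(f"lookalike domain {domain}")
    if name.strip().lower() in EXECUTIVES and domain != COMPANY_DOMAIN:
        reasons.append("executive display name from external domain")
    if reply_to_header:
        rt_domain = domain_of(parseaddr(reply_to_header)[1])
        if rt_domain != domain:
            reasons.append(f"Reply-To domain {rt_domain} differs from From domain {domain}")
    return reasons


if __name__ == "__main__":
    # Constructed sample headers.
    samples = [
        ('"Jane Doe" <jane.doe@example.com>', None),
        ('"Jane Doe" <ceo.jane.doe@gmail.com>', None),
        ('"Accounts Payable" <ap@exarnple.com>', "billing@evil.test"),
    ]
    for frm, reply_to in samples:
        print(frm, "->", assess_sender(frm, reply_to) or "clean")
```

These checks catch the cheap tricks; they do not catch a message sent from a genuinely compromised mailbox at the real domain, which is why payment changes still need a second channel (a phone call to a known number) regardless of what the filter says.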
Invest in the best cybersecurity you can get. Don’t be the next company to have your data sold on the Dark Web.