Today’s cyber threat landscape is awash in everything from classic phishing scams to ransomware attacks, computer spoofing and social engineering attacks.
Most business leaders simply want to keep a step or two ahead of cybercriminals. But those criminals come with plenty of skills, powerful knowledge, and creativity – and no scruples. Protecting your data can be extremely challenging, especially if you’re trying to battle hackers without the right knowledge, skills, and tools to avoid, fight, and survive their attacks.
Unfortunately, data breaches keep increasing. For instance, data breaches exposed 4.1 billion records in the first six months of 2019, and the average cost of a single data breach at a U.S. business in 2020 was $8.64 million.
According to Security Magazine, a new and unforeseen dimension has developed in the threat landscape since COVID-19 entered the scene in early 2020, resulting in 40% of the American workforce performing duties remotely.
The pandemic has not only left the world open to vulnerabilities while everyone is trying to stay calm, compliant, and safe from a mysterious human virus, but it has created a new spark of awareness among executives coming to terms with the fact that the problem is bigger than they realized before. That doesn’t mean that business leaders had no idea of what was going on, but the pandemic laid everyone’s intentions and characteristics out for all to see.
Bad actors were running amok, coming up with new scams and schemes while executives and their teams were trying to survive. That’s always the way it is, but you can add new tools and build on your knowledge and skills to keep the cyber wolves at bay, whether your team is in-house or relying on the cloud to work remotely to support your organization’s business operations.
Let’s explore the cyber threats your business might face amid ongoing COVID-19 issues and restrictions, before discussing the survival knowledge, skills and tools you need to fight them.
What Are the Most Prevalent Cyber Threats Businesses Face Today?
Whether you’ve experienced them or not, you’ve probably heard of some of the most prevalent cyberattacks launched against organizations:
1. Ransomware Attacks
Over the past five years, ransomware attacks have become an all-too-common method used by hackers, especially those targeting health care organizations and other emergency-related agencies.
Ransomware is malicious software, also known as malware, that hijacks your business’s files and prevents anyone in your company from gaining access to those files, systems, or networks. The hackers demand that you pay an extortion fee or ransom, usually through bitcoin, before they will restore access.
Ransomware incidents cause a series of problems for your business, including major disruptions to operations and loss of critical data. In cases of emergency systems, a ransomware attack might result in injury, lack of urgent care, or death, depending on the organization, its client base, and its ongoing and urgent needs.
A study conducted by Secuvant and AED references the CryptoLocker ransomware attack of 2017. The CryptoLocker malware code, once executed, encrypted shared files on desktops and networks and held them for ransom until someone paid the cyber criminal’s demanded fees. It’s still largely unknown precisely how the malware invaded the systems, since CryptoLocker can gain entry to a protected network through various vectors, such as downloads, email, and file-sharing sites.
2. Phishing Incidents
Phishing incidents are frequently referred to as scams or attacks, because “incident” sounds too benign for the damage they do. Regardless of what you call them, each one intends to lure you in and ensure that you take the bait. Once you do, they reel you in and trick you into providing vital information; you’re on the hook.
Specifically, a phishing scam is one where an employee receives an email that appears to be legitimate and from a legitimate source, such as another business or even a colleague. The email might request that the recipient update a piece of information by either replying directly to the email or following a link to another website.
Once the employee clicks the link, the problems officially begin: they will find themselves redirected to a spoofed website that looks completely legitimate. At this point, the cyberattack victim might find themselves offering personal information such as their social security number, password, or credit card information.
Even worse, there are numerous sub-categories of phishing scams:
- Spear-phishing is a targeted type of phishing attack that focuses on a certain industry or victim.
- Whaling is another targeted attack aimed at an organization’s “big fish,” such as the CEO or CFO.
- Vishing scams occur via phone lines, voicemail, or Voice over Internet Protocol (VoIP) calls.
- Smishing takes place through SMS text messages.
- Pharming is an insidious attack that occurs when malicious code is installed on a computer and redirects the victim to fake websites.
The best protection against phishing attacks of all kinds is knowledge and vigilance. Ensuring that your employees understand the nature of these attacks and the tactics involved in each type is crucial to protecting against this classic attack method.
3. Social Engineering Attacks
According to Don Ainslie, Secuvant’s executive vice president of risk management, in 2020 alone, over 91% of attacks across Secuvant’s diverse client base relied on a social engineering component. Often combined with spear-phishing and whaling, this form of attack preys upon human nature, exploiting an individual’s natural trusting response and desire to help others.
Social engineering is an ancient art of manipulating people for nefarious purposes. With the advent of email and direct international dialing, these attacks have evolved significantly. In the cyber arena, they can be referred to as cyber-enabled social engineering attacks. A common example is the “IT help desk” call.
In this scheme, the caller tells the employee that a security issue has occurred on the network and that they are calling to help “fix” the problem. During the call, the attacker convinces the employee to enable remote access to the IT system. Many advanced cases of successful cyber-enabled social engineering attacks have involved transferring millions of dollars, pounds, or rubles to fraudulent accounts.
Most of these attack types can be mitigated through effective employee education and awareness combined with appropriate network controls and permissions.
Results of a Recent Study by Associated Equipment Distributors and Secuvant Cybersecurity
In a recent study, Associated Equipment Distributors (AED) and Secuvant Cybersecurity set out to learn more about the types of cyberattacks businesses have experienced.
The results of the study help AED, Secuvant, and their readers understand how the surveyed business executives handled incidents like phishing scams and ransomware attacks. The study further focused on the organizations’ goals in managing cybersecurity with those incidents on file.
Past Experiences with Cyberattacks
According to Small Business Trends, 61% of businesses suffered a cyberattack in 2019.
The report from AED and Secuvant reveals that things line up on a smaller scale, with respondents sharing the number and degree of incidents they experienced:
- Major Incident: 7
- Minor Incident: 20
- No Incident: 12
The major incidents reported included computer spoofing, mimicking of computers to spread malware, ransomware attacks, money being sent to fake companies, and compromised terminal servers.
Minor incidents included those involving various phishing schemes, ransomware attacks, and intellectual and tangible theft by former employees.
Cyberattacks run the gamut for most businesses, as these results show.
Making Cyber Risk Management a Priority
Executives increasingly understand that they need to make managing cyber risk a priority. In our fast-paced, technology-driven, globally-connected business world, the threat landscape is overflowing. No business is inherently safe against threats just because nothing has happened yet.
If you’ve never experienced an incident, that’s fantastic, but you don’t want to use that as a reason not to invest in managing cyber risk. If you need more incentive, think about these benefits:
- Ensuring the safety of your customers and employees
- Instilling confidence in your customers and employees
- Reducing or eliminating the costs involved with recovery and restoration after a breach
- Limiting your legal liability should you experience a breach
- Minimizing any possible business disruption
- Maintaining regulatory compliance
- Guarding against data and intellectual property theft
- Protecting your business’s brand reputation
Clearly, there are multiple reasons to make cyber risk management a priority for your business and your stakeholders.
Confidence and Preparedness Levels for Managing Cyber Risk
Many executives tend to have an overly optimistic confidence level regarding their organization’s preparedness and management of cyber risk. Perhaps because of a lack of incidents and experience with cyberattacks, some executives feel as if everything is under control. Not having suffered an attack is sometimes just a matter of good luck, but it’s usually more to do with robust cyber risk management.
The Threats That Worry Executives Most
The cyber threats that worry executives most are directly related to financial considerations, such as extortionist ransomware attacks and phishing scams that lead to account fraud or paying the wrong invoice. They tend to overlook the risks associated with supply chain service disruption, website defacement, system outages, and other operational failures. It’s crucial to consider and manage all potential cyber risks.
Does Your Dealership Have the Survival Knowledge, Skills, and Tools Needed to Fight the Never-Ending Barrage of Cyber Threats?
It’s clear that the majority of construction equipment dealerships are at risk for a cyberattack. Half feel they are safe from attack and have remediation plans in place and adequate budgets allocated to cybersecurity. The other half is unsure of their vulnerability and remediation in the face of a cyber incident.
If you feel vulnerable about your dealership’s cyber response plan, you might consider putting a managed detection and response (MDR) system in place. Dealers who feel confident might consider conducting a risk assessment and validating their dealership’s remediation plan to ensure that they can see the full threat landscape.
Cyber threats aren’t going to disappear, and you can’t leave anything to chance without risking the health of your dealership and the trust of your customers. Are you ready to stand up to cyber threats right now? If not, you might want to find and employ the best strategies for keeping threats away from your systems and valuable data, with the top knowledge, skills and tools.
Bio: Mark Spangler | Board Member, Secuvant
Mark is a driven leader and educator with solid business acumen and a passion for resource management, customer outreach, and cybersecurity. Holding a TS/SCI clearance, Mark has extensive experience and expertise in supporting national security programs at the Central Intelligence Agency (CIA), the National Reconnaissance Office (NRO), the U.S. Intelligence Community (IC), and the Department of Defense (DoD) in multiple leadership and operational roles in areas of cybersecurity and information technology.
Over his professional career, Mark has built a reputation as a trusted executive advisor to the C-suites of the organizations he’s serviced. He was appointed chief information security officer for the NRO, one of the largest intelligence agencies in the world, where he built the foundation of NRO’s information assurance (IA) and cyber-security programs. Mark also worked diligently to build an extensive outreach to security leaders in the Intelligence Community. Furthermore, Mark established NRO’s IT Project Management Center of Excellence and led transformational change in the delivery and management of global IT systems/services.