Is Your Router Infected?
500,000 routers have been hacked in suspected Russian plan to attack Ukraine
Yet another reason small businesses need enterprise-grade security… In the past 24 hours, Cisco has warned the public that 500,000 routers have been hacked in a suspected Russian plan to attack Ukraine. Cisco’s Talos cyber intelligence unit said it has high confidence that the Russian government is behind the campaign. Dubbed VPNFilter, the malware is named after a directory it creates to hide its files on an infected device. The thousands of infected routers are spread around the world, and one might be sitting in your small or midsized business’ office. While VPNFilter infects routers and storage devices typically used in home offices, many small businesses rely on these lower-cost units, which, once compromised, CNN’s sources state can be used to “launch coordinated attacks on much larger targets.”
Despite SEC warnings as far back as 2015, and daily headlines such as these cautioning businesses to prepare against cybercrime, SMBs continue to fail at protecting themselves. Beyond being used as part of a larger attack, these vulnerabilities pose very real and very serious threats to SMBs’ sustainability. In his article titled “Small Businesses Beware: Half of all Cyber-Attacks Target You,” Steinberg points out several reasons for this spectacle. To summarize his view (and that of many other experts) on the subject, what is wrong with SMBs today comes down to one word: apathy. Or perhaps another way to think of it is: desensitization.
Hacks against the big players like Target, Home Depot, Equifax, and the entire City of Atlanta have all had more than their share of negative publicity. However, cyber-attacks on SMBs often go unnoticed and rarely make national headlines. Consider the attack on Efficient Escrow of California, an SMB that was forced to shut its doors when a trojan plagued its network. What about Village View Escrow Inc., also taken in a cyber-heist that cost them over $400,000? Or MEDantex, whose numerous online tools intended for use by MEDantex employees were exposed to anyone with a Web browser, including pages that allowed visitors to add or delete users, and to search for patient records by physician or patient name?
The list goes on. Just recently, in the healthcare vein, Family Planning NSW was hit by ransomware that may have infected some of the most sensitive data of thousands of patients. Pages could be filled with these attacks, yet SMBs lag behind.
Why attack an SMB with ransomware over a larger firm? Smaller businesses are more likely to pay the ransoms hackers demand to return encrypted data to an unencrypted state. And the frequency of these ransomware attacks on SMBs is growing exponentially. Two percent of SMBs said they experienced ransomware attacks in 2016. Comparatively, 52 percent stated they suffered a ransomware attack in 2017.
“Even SMBs have valuable data,” says Ben Gayheart, CEO of cloud and security firm Effortless Office. “From healthcare data to financial information, and more, this is something hackers are looking for every minute of every day.” In his article, Steinberg also mentions that SMBs are often attached to larger businesses and often represent a weak link in the chain of defense. Another reason he cites for the growing attacks: small businesses often share the same vendors, who have poor security in place for their clients. An example of this was seen when a vendor for a small linen company in New Hampshire used the same initial passwords for all customers. This left them vulnerable when a competing customer got the idea to use the generic passwords in an attempt to get into competitors’ data. The attempt was successful, and allowed the criminals access to the database of customers, which they used in an attempt to lure their customers away. Now that’s a big wrinkle for the unsuspecting linen company!
Commissioner Luis A. Aguilar of the U.S. Securities and Exchange Commission says that “Leveraging innovative technologies is essential if SMBs are to succeed in the modern economy, but SMBs must be mindful of the dangers that new technologies pose. The primary responsibility for cybersecurity rests with the SMBs themselves, and the data suggests that SMBs can do a better job of implementing basic cyber defenses.”
What YOU Can Do Now
Awareness is important, but without well-directed action, SMBs remain vulnerable. In the linen hack mentioned, General Linen Services (the name of the company that was hacked) could have easily taken action to protect itself by changing the vendor default password. That simple step might have prevented the breach of 1,000+ customer records, and avoided a costly legal battle with their rival. But most importantly, find vendors who don’t put you at risk for these kinds of issues! That was a rookie mistake.
Small businesses need enterprise-grade security now more than ever. The tools and expertise are out there. SMBs have access to qualified outsourced professional firms, and to enterprise-grade security and IT services at prices SMBs can afford!
Business owners and employees from companies of all sizes must be aware of the risks posed by hackers, many of whom use highly targeted phishing attacks to trick employees into revealing sensitive information. Find a vendor who can help you run a test attack on your company, to see just how vulnerable you are, and who in the company passes the test. You might be surprised at just who on your team reveals the most information to a hypothetically nefarious source.
Businesses of all sizes should ensure they have a layered approach to security, which includes making use of secure cloud applications that minimize access to local data and restrict users from becoming threats to the system. This requires that you, or your outsourced IT company, have a strong degree of technical, physical, and administrative safeguards designed to minimize risk.
My clients are always surprised when I tell them that for the cost of a decent cup of coffee per day, for each user on their network, they can have enterprise-grade security.