Cybersecurity Awareness Month: SMB Edition
During the month of October, Cybersecurity
Awareness Month reminds us of a category of crime that continues to inflict
taxpayers and companies with damages amounting to billions of dollars annually.
Staying updated on the latest attack types and prevention techniques is the
only way to future-proof your organization. Here are five fraud trends from our
experts that you won’t want to miss:
Fabrication
Synthetic identity fraud is initiated when a
hacker procures a social security number by theft or purchase on the Dark Web,
and then fabricates an associated name, DOB, email account, or phone number.
From there, the fake identity is legitimized and nurtured in order to exploit
lines of credit. Once a fraudster is able to become an authorized user, a
process that typically takes 5 months, the “bust-out” is
ready to be executed. When the dust settles, creditors and businesses are left
with dummy accounts filled to the brim with credit card maximums, loans, and
cell phone/utility plans.
Ransomware
The “R word” can send chills down the spine of
any business owner or MSP, and for good reason. Two cities in Florida were forced to pay over
a million in aggregate bitcoin ransom, only after losing access to phone and
email systems for multiple weeks. Municipalities are not alone, and a quick
glance at data breach news headlines on any given week will reveal SMB attacks
as well. Ultimately, ransomware boils down to the economic concept of
incentives, and it will require a concerted effort by organizations to shift
the paradigm.
Account
Takeover (ATO)
Understanding how criminals are targeting your
business or vertical is a fundamental component to any sound cybersecurity
strategy. Nevertheless, “the nature of work for a CISO is often reactive”,
tasked with establishing a Security Operations Center filled with analysts who
are looking to spot a needle in a haystack. On the other hand, the
commoditization of crimeware and “spray-and-pray” techniques have led to a
higher frequency in breaches, many of which are executed by non-sophisticated
hackers. Solving ATO fraud at the small business and medium enterprise level in
today’s world requires purpose-driven teams and technologies that can protect
your business smarter and more efficiently.
Universities
Just this summer, three US universities disclosed data breach incidents within a
two-day span. However, this pales in comparison to last year’s highlight. In
March 2018, nine hackers breached 144 US universities, charged with
stealing 31 terabytes of data worth roughly $3.4 billion in intellectual
property. Such breaches have a ripple effect across all verticals and
companies, driving consumer awareness and raising the standard for
cybersecurity for everyone.
Dark
Web
Finally, our bread-and-butter: the Dark Web.
Security researchers estimate that In the first half of this year alone, 23M+ credit and debit card details were being sold
in underground forums. What’s worse, nearly two out of every three originated
in the United States (64%), followed by the UK (7%) and India (4%). Once such
data dumps hit the Dark Web, cybercriminals will exchange stolen information
and credentials in order to orchestrate damaging fraud schemes.
Removing
incentives for hackers is easier said than done. However, proactive measures
such as creating backups and training employees to protect against human error
can stop attacks from happening in the first place. Curious to see how it’s
done? Dive into our blog to see the latest and greatest in cybersecurity
trends and expert advice.
Sources:
great
ReplyDeleteThis comment has been removed by a blog administrator.
ReplyDelete