Sony Pictures Entertainment (SPE) is finally starting to move beyond the hack attack that began on November 24th, 2014, and led to tremendous embarrassment for executives and multi-million dollar losses for the company. Hackers stole over 100 terabytes of confidential information, the equivalent of ten times the entire printed collection of the U.S. Library of Congress. The victim in this attack is a small division of Sony, which has over $120 billion in assets and $65 billion in annual revenues. Even if the hackers had destroyed SPE, the effect on Sony would have been relatively small. But what if your business gets hacked? If you aren’t owned by a global conglomerate, the effects could be devastating.
Hackers target small businesses
The threat is real. According to Symantec Corporation, a security firm that publishes an annual Internet security threat report, nearly one-third of cyberattacks target small businesses. According to Experian Business Information Services, 60 percent of small and medium-sized businesses that experience a data breach go out of business within 6 months.
What do hackers do once they break in?
The perpetrators of most cyberattacks are in it for the money. A small percentage of attacks are carried out for ideological reasons, but generally hackers are looking to profit either directly or indirectly from the attack. Once they have unauthorized access they can:
- Encrypt your business’s information and threaten to delete it unless you pay a ransom to have it decrypted;
- Steal customer information like credit card numbers, social security numbers, names and addresses with the intention of reselling the information for a profit to other hackers; and
- Steal your business’s bank account access credentials to initiate transfers while blocking your ability to detect the theft.
How do hackers break in?
Hackers use sophisticated technology coupled with an understanding of human nature to gain unauthorized access to company data. Their methods can be organized into three types:
Method one: Exploitation of insecure passwords
Weak passwords represent a relatively simple way for hackers to access business accounts. According to leading software company SplashData, “123456” and “password” are the two most common passwords in use. In a “dictionary attack,” hackers use dictionaries that contain hundreds of millions of words and combinations of words that are commonly used as passwords. A six-character, all-lowercase alphanumeric password could be hacked in 10 minutes. In a “rainbow attack,” hackers can crack more sophisticated passwords in reasonable amounts of time by comparing the encrypted versions of passwords (the hashes) to a table of prepared hashes. Hackers with access to financial and technological resources can test as many as 348 billion potential passwords PER SECOND, which would render a mixed eight-character password protected with the commonly used LM hash useless in less than 6 hours.
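The arithmetic behind these figures, from the defender's side, as an added example that is not part of the original article: the Python below estimates how long a password survives exhaustive guessing at the 348 billion guesses per second quoted above, rejects the two passwords SplashData names, and stores passwords with a per-user salt so that a table of prepared hashes cannot be reused. The one-year threshold, the 600,000 PBKDF2 iterations, the function names and the sample passwords are assumptions made for illustration.

```python
import hashlib
import hmac
import os
import string

GUESSES_PER_SECOND = 348e9          # offline guess rate quoted in the article
DENY_LIST = {"123456", "password"}  # the two passwords the article names
MIN_HOURS = 24 * 365                # assumed policy: survive a year of guessing

def charset_size(password):
    """Size of the alphabet a brute-force search must cover (ASCII only)."""
    size = 0
    if any(c in string.ascii_lowercase for c in password):
        size += 26
    if any(c in string.ascii_uppercase for c in password):
        size += 26
    if any(c in string.digits for c in password):
        size += 10
    if any(c in string.punctuation or c == " " for c in password):
        size += 33  # 32 punctuation characters plus space
    return size

def hours_to_exhaust(password, rate=GUESSES_PER_SECOND):
    """Worst-case hours to try every password of this length and alphabet.
    This is a brute-force bound only; dictionary words fall far sooner."""
    return charset_size(password) ** len(password) / rate / 3600

def audit(password):
    """Return 'deny-listed', 'too weak' or 'ok' for a candidate password."""
    if password.lower() in DENY_LIST:
        return "deny-listed"
    if hours_to_exhaust(password) < MIN_HOURS:
        return "too weak"
    return "ok"

def store(password, salt=None):
    """Salted, slow hash: two users with the same password get different
    digests, so one table of prepared hashes cannot be reused against both."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 600_000)
    return salt, digest

def verify(password, salt, digest):
    """Constant-time comparison of a login attempt against the stored digest."""
    return hmac.compare_digest(store(password, salt)[1], digest)

if __name__ == "__main__":
    # Constructed sample passwords, not taken from any real account.
    for pw in ["password", "Tr0ub4d&", "k7#Qv!m2Zp@4xL"]:
        print(f"{pw!r}: {audit(pw)}, {hours_to_exhaust(pw):.3g} hours")
```

The mixed eight-character sample comes out at roughly 5.3 hours, which agrees with the "less than 6 hours" figure above.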
Method two: Breaching insecure networks
There are over 100 million Wi-Fi networks with some type of public access in operation today. Many businesses offer hotspots for their customers, employees and visitors to access network resources or the Internet without realizing the danger this represents. Nearly 9 out of 10 Wi-Fi networks are not properly secured. A hacker can leverage a misconfigured access point to access the company’s network. They can also steal information being transferred over Wi-Fi between a user’s computer and the network, because most wireless networks secure these communications using WPA encryption, which is virtually useless against a moderately knowledgeable hacker.
Method three: Email-based attacks and deception
Networking and security companies like Cisco Systems, Akamai Technologies and Symantec detect over 75 billion spam messages on an average day, while ISPs block over 4.5 billion messages containing malware daily. Billions still get through. These emails fall into two categories:
Malware delivery
Many emails contain malware (software with a malicious purpose) as an attachment or as a download accessible through a link in the message body. Some forms of malware can be triggered simply by opening an email using certain email clients. Once activated, the malware can steal your information, hold it for ransom or make your computer part of a more sophisticated attack on a third party.
Phishing
Other emails try to trick you into providing your access credentials to different services. Why crack a password when you can fool the owner into giving it away freely? Phishing attacks are based on deception. The messages appear to be genuine – usually from a bank or other service provider – with links that lead to fake login pages where the hacker steals the credentials as soon as they are entered. Longlining and watering hole attacks are customized and personalized phishing attacks that have a high success rate in fooling victims.