Posted On: September 20, 2017 by Exchange Bank of Northeast Missouri in: Cyber Security
One of the most dangerous presumptions you can make about cyber-attacks is that it could never happen to you. While we all hope it will never happen to us, the truth is that it could. To help prevent incidences such as these, we can take a glance at some recent large scale attacks and understand several lessons from what went wrong.
One of the largest publicized attacks occurred in 2013, when Target’s point of sale system was breached. Unfortunately, Target later learned that the breach originated outside their walls, and was indeed initialized through one of their trusted vendors, who later passed the infected material into their organization. While the vendor had no knowledge of this dangerous introduction, the criminals behind the breach had researched Target’s list of designated vendors to strategically prey on one vendor’s unlikelihood of catching a change in email address. Tragically, for Target, the cyber criminal’s tactics worked, and 40 million credit card numbers were stolen.
The lesson from this story is to screen all your emails, even when coming from trusted outside vendors. Using a third-party email screening software can help eliminate issues like this, and decrease the possibility of harming another business should you miss the malware.
Another largely scrutinized hack occurred after Home Depot was targeted, and over 56 million credit card numbers went up for sale on the black market. Home Depot had been subject to smaller attacks prior that year but had not yet taken action to increase their cyber security software. This final attack proved poignant when Home Depot had to cover the $62 million cost of recovery. Similarly to Target, the criminals responsible for this attack targeted the business’s consumers through register software they infected with malware.
A key takeaway from this experience is to always act quickly once you’ve detected a potential cyber breach. Any initial attacks could escalate further if left unattended. When structuring your business’s cyber security protocols we recommend outlining a specific reporting process should any employee come in contact with something they believe could be malicious.
We want to help you and your business succeed. To give your business the security boost it needs, our website offers great tips and tricks to help you stay on top of your company’s cyber security. If you want to learn more, give us a call or stop by, we’d love to share some strategies to help you grow!