The “bad guys” no longer are the gangs roaming around with chains and baseball bats. Many are probably geeky little waifs with thick glasses—organized cyber crime—and these thugs are looking for small businesses to brawl on with their brains. They want sensitive data from these businesses, and yours may be next.
Related Article: Threats to Cybersecurity Increasing: How to Secure Your Network
Organized cyber crime rings are just that: organized, and highly, but there are ways to protect your business from them. They consist of the following:
- Programmers. These skilled techs write and code the viruses that infect a business’s computer network.
- Carders. These specialists distribute and sell stolen credit and debit card data. Sometimes they transfer the data onto blank cards, and then put foil on them to create duplicates.
- Hackers. These intruders break into a company’s PC networks via their vulnerabilities.
- Social engineers. This is the creative end of the crime ring; these con artists concoct ingenious schemes that trick people into giving up personal information or visiting websites that download viruses.
- Rogue systems providers. These are unscrupulous businesses that provide servers for cyber thieves.
- Money mules. They purchase things at retailers using stolen credit cards. Some launder money while others ship products, and may be part of a foreign crime ring.
- Bosses. They’re the head honchos of the crime ring, hire their worker bees and rake in all the money.
Why do they aim for small businesses?
They want valuable data: Social Security and credit card numbers, bank account information, e-mail addresses, home addresses, birth dates and more. With this loot, they take over existing accounts or open new accounts to make fraudulent charges. With e-mail addresses they conduct phishing operations.
Related Article: What Target Should Have Done to Prevent Their Security Breach
Hackers seek out weaknesses such as employees at risk for falling for social engineering scams, an outdated operating system or an outdated browser.
There are 11 ways to keep these roaming cybergangs at bay:
- Keep your operating systems updated so that they’re regularly patched.
- Have a firewall, plus software that opposes virus, spyware and phishing attacks.
- Keep your browsers updated at all times with the latest version.
- Keep all system software updated.
- Encrypt your wireless network.
- Restrict software and set up administrative rights so nothing gets installed without authorization.
- Use filtering that controls access to data.
- Block access to restricted sites with Internet filters to prevent employees and hackers from uploading data to storage clouds.
- Remove or disable USB ports so that malicious data can’t be downloaded.
- Implement strict password policies.
- Encrypt entire drives, folders and files.
These 11 factors aren’t the be-all, end-all. Other variables exist that can lead to hacking such as scammers working on the inside, and employees not being educated on “bring your own device” risks. A business should consult with a professional. Small businesses should consider two factors:
Software for data loss prevention and risk assessment: This software will monitor the entire network’s activities to detect events that could lead to a data breach and nab them before the breach occurs.
Penetration testers: White hat hackers will search for weaknesses and try to break through them, using tactics similar to what black hat hackers use. These white hat hackers may use social engineering tricks or screen the physical security of the building for weaknesses. These staged attacks are proven to succeed elsewhere, so if they work against the company during these experiments, the company will have a rude awakening.
If businesses do nothing, with an "it can’t happen to us" mentality, it’s not "if," but "when" they will be attacked by ruthless cyber crooks.