Cybercriminals Sniff Out Vulnerable Firms



[caption id="" align="aligncenter" width="560" caption="Small Firms Cyberheist Victims"]Small Firms Cyberheist Victims[/caption]



I could have written this headline myself. But I didn't, it was Sarah Needleman at the Wall Street Journal. And she's right, that is exactly what is happening.



She started out with:" With cybercriminals a greater threat to small businesses than ever before, more entrepreneurs like Lloyd Keilson are left asking themselves who is to blame for hacking attacks that drain their business accounts. In May, Lifestyle Forms & Displays Inc., a mannequin maker and importer led by the 65-year-old Mr. Keilson, had

$1.2 million wiped out of its bank accounts in just hours through online transactions. The theft from the Brooklyn, N.Y., company, which has about 100 employees, wasn't an isolated incident."



Nope, it sure ain't. The bad buys scan websites all day, every day with fully automated tools very similar to Nessus and Qualys and look for holes. Once found, they have automated tools to see if the holes can be exploited. Only then a human criminal get involved, who, again, have a whole lot of automated tools at their disposal.



In parallel with that, one in every roughly 300 emails is a phishing attack. Compare that to about 100 emails sent and received per day by the average corporate user. Can you say: "shooting phish in a barrel"?



"Small businesses feel like they're immune from cybercrime, and they're wrong. They are absolutely on the list of potential targets of cybercriminals," said Larry Ponemon, chairman of the Ponemon Institute, a privacy think tank in Traverse City, Mich.



Read the article, it has some good suggestions at the end. This is also a good one to forward to C-level Executives. Wall Street Jornal has the whole story and background.



It is also an excellent reason to step all employees through mandatory security awareness training!

Subscribe To Our Blog


Ransomware Hostage Rescue Manual




Get the latest about social engineering

Subscribe to CyberheistNews