Issue - September/October 2021
Are You Really Under a
Cyber Security Threat?
By Ramiro Quiros, Executive at Moveware Ltd.
I wish there were an easy answer to this question. The short and sweet version of it could be a simple “Sort of.” The slightly longer version could be, “You are possibly under enough of a security risk that it merits looking into.”
There are two simple questions you can ask yourself to determine your data security risk: Is the data you store valuable, and therefore a potential target for cyber attacks? And are you prepared properly to fend off, and respond to a cyber attack? In this article I intend to help you explore both those questions, and hopefully find the right answer and corresponding call to action for your particular business.
The Value of Your Data
Is your organization really a valuable target for cybercriminals? Most people think they are not; that they either handle too little data or data of no real value. How could anybody outside of your organization profit from accessing your files? Clearly, in order for someone to try and exploit a security vulnerability there has to be intrinsic value in it—otherwise, why bother?
You may think that if all you store are pictures of cats, then the reward a potential hacker would get by breaking into your vault of cat pictures, is potentially very small (unless we are talking about some very fancy and rare cats!). Surely, large retail companies that store thousands of credit card details are the real targets, not a small moving company! Unfortunately, this assessment is wrong.
All data is valuable to someone, otherwise it wouldn’t exist. Some data does of course have more “market” value than others. However, recently there has been an increase in a type of cyber attack called Ransomware, which completely changes the game. Ransomware works on the premise that, while there may be no market value to your data per se, the attackers assume you value your data, and are therefore willing to pay to not lose it. The modality of this type of attack is simple: A hacker stops you from accessing your own data and files (via either encrypting them or removing them from your device altogether) and then asks for a ransom payment to return them.
Ransomware attacks have grown in popularity over the past few years. You may have even seen it in the news, with famous cases like the 2017 WannaCry attack (affecting over 200,000 entities worldwide, from individual computers to giants like FedEx and Nissan), or the 2018 SamSam attack. Ransomware is so common because it makes ANY data a valuable, ransom-worthy, asset (those cat pictures may not be valuable to the world, but they are to you!).
Additionally, I would imagine most of you are not storing only cat pictures (except maybe pet relocation companies) but also data that does in itself have market value. Individual information that can be used to create a consumer profile is extremely valuable in the black web market, and most moving companies store this type of data for each and every client they talk to.
So, in summary, the true answer to the first question is, yes, your data is valuable, and therefore of interest to potential attackers.
Securing Your Data
Having determined the value of your data, let us now look at the second question; ‘how can you protect yourself?’ Cybersecurity is a complex issue, and most people don’t have a deep understanding of it. For this reason, it is always highly recommended to utilize a cybersecurity expert, be it an internal IT staff member or a specialized third-party provider.
Whoever you rely on needs to of course be someone of trust. There are many highly reputable cybersecurity vendors around, and it will pay off to do some research on them. Hiring someone for cybersecurity is analogous to hiring someone to look after your rental house overseas. That person will have unlimited access to the house and will know all your security vulnerabilities. You must ensure they are someone you can trust.
Now, before reaching out to an expert, it is worth having some basic knowledge of what cyber security encompasses. Knowing what you may face can give you valuable insight into how to protect yourself. For example, how you protect against a ransomware attack is very different from how you protect from confidential data breaches. In the first case, the emphasis would be on how to respond to an attack (ensuring you have safe backups of all your data), while in the second case the focus is on prevention (stopping unauthorized access from happening).
It would be impractical to list all there is to know about the topic in this short article, but the below are some of the key aspects I believe can be of most value to you, based on a typical moving and storage organization’s needs.
Let us look firstly at how attackers normally gain access to your data. The easiest, and therefore most common, entry point for any would be attackers is an individual user. Users tend to accidentally spread malware by clicking on a link on an unsolicited email (a phishing email), or by downloading corrupted software. End user training is key in managing this risk.
There are many types of malware (viruses, trojans, adware, etc.), and each can serve different objectives (spyware, ransomware, denial of service attacks, etc.). It is easy to get lost in the details of what each one does, and how they behave. However, for a mobility company, there are really two types of attack that you need to worry about: ransomware (as explained above) and data breaches. Both in essence are the same and can be explained as: An unauthorized access of your data or files, in order to re-sell it at a profit. The only difference is that sometimes you may be the intended buyer (by paying a ransom), and sometimes it is someone else on the black market who intends to use the stolen data illegitimately.
Secondly, let us investigate where is cybersecurity applicable? There are three main areas you should look into:
Network security: securing your computer network. Unsecured networks are susceptible for example to what is referred to as a “man-in-the-middle attack.” This type of cyber threat is where a cybercriminal intercepts communication between two entities to steal data. For example, on an unsecure Wi-Fi network, an attacker could intercept data being passed between a device and the network.
Application security: Securing your CRM/ERP or other database software your organization uses. Cybercriminals exploit vulnerabilities in data-driven applications to insert malicious code to take control of and steal data.
Information security: Securing your data storage (for example, your file attachments). Files that are accessed by unauthorized people are most susceptible to the ransomware attacks described above.
Lastly, but most definitely not least importantly, what to do if you are the subject of a cyber attack? Every company needs a proper Disaster Recovery Plan (DRP) to be prepared for when an attack does happen. Unfortunately, there is no standard for this, as every company’s needs are different, and there are many variables to consider (the size of the data set, regularity of data updates, size of the organization, hours of business, even geographical risks to natural disasters). An expert DRP company can help you here.
No infrastructure is impenetrable, but you should ensure your infrastructure is as robust as it can be to fend off as many attacks as possible, and that your organization is ready to respond when and if an attack happens. A well laid out DRP plan will also include details about how your organization manages and handles required data (how long data is stored for, who has access to it, etc.).
Cybersecurity is a growing concern. A report by Risk Based Security found that close to 10 billion records were exposed by data breaches in 2019 alone; more than double the figure from the previous year. This is not a problem that will be going away anytime soon. Hopefully, I have been able to demonstrate you are most likely at a higher level of risk than you may think. The good news is that there is something you can do about it, and I strongly encourage you to start on that today. If interested in more info, particularly in Application Security, let Moveware know—find us in IAM Mobility Exchange.