From non-technical executives to government officials, a question of concern often arises: “Are we at risk for a cyber attack?”
The simple answer is, of course, yes. All organizations are at risk for a cyber attack, at all times.
However, the real question they are trying to understand is: “How do we understand the risk of a cyber attack?”
To answer that question, let’s start with one fundamental aspect – your organization is a target. So, why is that? What do you have that’s of value to a cyber criminal?
Many small businesses, non-profits, and government agencies don’t want to invest in a lot of cyber security resources because they feel they have nothing of significant value. Even larger organizations believe that attackers would much rather focus on banks and bigger, more valuable businesses.
Unfortunately, any business in the United States that utilizes internet connectivity is a target for someone, somewhere. Perhaps only a target of opportunity, but a target nonetheless.
What are the valuables? Broadly: Cash, data, personal information, access, and ulterior motives. Let’s explain each in a bit more detail.
Many of us don’t feel wealthy, especially when we’re creating an organizational IT budget. However, compared to many other places in the world, our seemingly meager resources go a long way.
Five very common locations for hackers and phishing attacks are: China, Iran, Nigeria, Romania and Russia.
In those countries, the average monthly salaries are:
- China – $974 / month
- Iran – $1,245 / month
- Nigeria – $559 / month
- Russia – $769 / month
- Romania – $1,172 / month
So, what does that mean? Essentially, a hacker from one of those countries could target a U.S. company through phishing or ransomware, and make off with an entire month’s salary.
In January, Coveware estimated that the average paid ransom for a ransomware attack increased from $41,179 to $84,116 between Q3 and Q4 in 2019. For a hacker from one of the five countries above, $80,000 would be five to ten years of salary.
A relatively small amount of money for a U.S. entity becomes life changing money in many other parts of the world. So, cash alone makes every U.S. company a prime target for a cyber attack.
For many organizations, a breach of this critical data may be more costly than losing cash, because it leads to public reports, fines, and tarnished reputations. For a cyber criminal, however, this sort of information has cash value.
Experian estimates an initial value of $5 per credit card number, and $1 per basic medical record, on the dark web. More complete data can be sold for up to $30 for credit cards, and $1,000 for medical records.
From an internal business perspective, an employee’s personal data is a gold mine for cyber attackers. Should an attacker breach a company’s human resources database, he/she can obtain the entire company’s social security card list ($1 each), as well as photocopies of driver’s licenses (up to $20 each), or even passports (up to $2,000 each).
Beyond the personal information, most organizations have corporate secrets to protect, such as biotech formulations, software source code, or even secret recipes. These secrets are sometimes sold to competitors, or used as leverage to extort money from the victim company.
Furthermore, accounting information from accounts payable becomes a recipe to commit fraud. Attackers impersonate vendors and attempt to reroute payments, or obtain extra payments to their accounts.
Less directly, sales leads and organizational charts can also be useful information for attackers.
For hackers specializing in phishing, obtaining a company’s org chart allows them to credibly phish employees using the correct names and titles.
If the same hackers obtained the sales leads, they could likewise pursue a phishing campaign against those leads as false representatives from the victim company.
Often, hackers will target an organization as a stepping-stone to reach a more valuable target.
For example, with a supply chain attack, cyber criminals will try to sneak into an organization through suppliers, vendors or customers.
During the notorious Target breach, attackers compromised an HVAC vendor, then used that vendor’s access to move laterally and exfiltrate point-of-sale information from the retail chain.
Additionally, watering hole attacks pursue a similar tactic by corrupting a source accessed by potential targets.
Although high profile victims, such as the US Department of Labor, Forbes, and the International Civil Aviation Organization (ICAO), make headlines, they aren’t the only targets.
Cyber criminals certainly pursue organizations of all sizes.
For some cyber criminals, the victim’s pain and agony provides adequate value.
With these types of attacks, the actual value of an organization’s resources is irrelevant, as the attacker only intends to cause chaos and disruption.
In several cases, these tactics have been used as weapons by nation states for political gain. For example, Russia has been connected to high profile attacks, such as the infamous NotPetya, which wasn’t used to collect any ransoms.
Since these attacks are only used to make headlines, most smaller companies feel protected by their relative anonymity. However, as seen in the NotPetya attack, many smaller organizations become collateral damage.
Hospitals in Pennsylvania and chocolate factories in Tasmania weren’t direct targets, but the NotPetya virus still infected and destroyed their computer systems.
Cyber Attack Protection & Support
All organizations, no matter the size, are valuable to cyber criminals.
While most sophisticated attacks target large corporations, there are plenty of hackers out there trying for more obscure targets.
It’s not a question of if an organization will be a target, it’s when.
With the growing number of cyber criminals and attacks, you need protection and support from an experienced cyber security team.
The team at Blue Bastion offers 24/7/365 network monitoring and support – we’re here to keep your data safe and secure.
Whether you are interested in significant outsourcing or just simple assistance on a specific project, we’re here to help.
Contact us today for a risk-free cyber security demonstration.