June 9, 2017
When it comes to computer security, your business data must be secure. As a small business, you can’t afford cyberattacks. Yet, so much can happen. Employees can mistakenly open email spam or click on a malicious link while researching on the internet. Then there can be distributed denial of service (DDoS) attacks, like what happened with Dyn, where malware from phishing emails first infected a computer or network, then spread to other internet-connected devices and used those devices to send a barrage of messages that overwhelmed victims’ computer systems.
According to a 2012 Sophos Security Threat Report, 30,000 websites get hacked every day, and as a small business you are increasingly likely to be targeted in cyberattacks.
The Problem with Dyn
Perhaps you remember what happened with Dyn when there was a massive internet outage in October 2016? You should be wary about how a similar cyberattack or possibly a more direct hack could affect your business in the future.
In case you don’t remember, Dyn is a company that manages crucial portions of the internet’s infrastructure and was attacked. As a result, major websites were inaccessible throughout the day. The problem seemed to stem when hackers infected hundreds of thousands of internet-connected devices like cameras, baby monitors, and home routers with software that was then used to overwhelm the infrastructure until it collapsed. Here is the story as reported by The New York Times. Also, read about Dyn’s own analysis of the attack.
One of the biggest questions that came out of the Dyn attack relates to responsibility. If your system is breached, whose problem is it?
The Shifting Focus on Small Business
You might think you are under the radar of hackers because you are a small business, but this couldn’t be further from the truth. Hackers are increasingly shifting their focus from large enterprises and targeting small businesses. One of the reasons is the likelihood of small business maintaining financial data or other sensitive data in their network. Hackers have also realized that access from small businesses can connect them into other small businesses and larger enterprises. Since many small businesses don’t invest in adequate cyber defense against attacks, it can be easier to compromise their system.
Placing the Blame
Now that you’ve recognized that cyberattacks could realistically happen to you as a small business, let’s get back to the question: whose problem is it?
The Hackers – The source of the problem is the hackers themselves. After all, they unleashed a cyberattack with malicious intent. But while it may be easy to place the blame on them, it is not so easy to enforce any actions for correction on them.
Product Supplies – Then there are the companies that have sloppy security standards when developing products such as the cameras and other internet-connected devices. They open themselves and others up for an attack. After the Dyn attack, these companies were scrambling to update their products as consumers were asking how they could be so irresponsible. So, the manufacturers of these products definitely have a responsibility but there will always be risks. It is just not reasonable to expect that every IoT manufacturer will always be able to patch or update their devices.
Lawmakers and Regulators – Some people also point to lawmakers and regulators who have not put secure laws in place to increase accountability regarding the internet of things. While this can certainly help establish requirements for security standards for IoT manufacturers, it will take time, there will be limitations so as not to hinder innovation, and the hackers will still exist with the potential to get one step ahead of the standards.
Consumers – Finally, we can’t neglect the consumer, such as the businesses themselves. Security researchers have long warned that the increasing number of internet-connected devices would present an enormous security issue. It was therefore only a matter of time before these devices were used in a cyberattack like Dyn, and they will be used again.
Once a breach occurs, it all boils down to your problem in dealing with a potential breach. What can you do to protect yourself and how would you respond in the moments when you are under an attack?
No matter what type of contracts you have in place with your employees, vendors and clients, be prepared. Do your due diligence in purchasing products known for their security enhancements, and be proactive in your security.
Boost IT can help. By outsourcing your IT to us, we proactively reduce your vulnerabilities. We will continuously upgrade your software and equipment with the latest security technology to combat cyberattacks. We’ll continuously monitor your systems to prevent and quickly address attacks before they become issues. Contact us at 404-865-1289 to learn more, or complete our contact form.