Page 61 - Cyber Warnings
P. 61
The modern media fallacy
The more employees your company has, the more chance there is that one of them will fall
victim to a phishing scam. That’s not to say, though, that small businesses are safe.
The attitude that “cyber attacks only happen to big companies” doesn’t ring true anymore,
especially since small companies are usually the ones with relatively small IT budgets to spend
on security, and are therefore easier targets than big companies.
It just so happens that the hacks that make the news as a direct result of compromised
credentials are those that happen to big companies because everybody’s heard of them — and
the damage is huge.
Dropbox, for example, had 68 million account details leaked thanks to compromised credentials.
eBay suffered a similar fate with 233 million accounts.
The infamous Sony hack exposed 100 terabytes of sensitive data to the world, and healthcare
insurance provider Anthem had 78.8 million customers’ details stolen all through a compromised
login.
But what about the hacks that happen to small companies? They happen, but they don’t make
the news, which creates a false impression that it doesn’t happen at all.
What you can do to protect yourself from compromised credentials
Technology is key to protection. You can’t rely on your IT administrators to spot suspicious
network activity, no matter how eagle-eyed they are.
People are, by their very nature, human, and run the risk of missing the odd bit of crucial
information that technology could pick up in an instant and automatically raise the alarm.
That’s why technology that audits your files and folders on the network in real time is key. This
kind of technology can send an alert to an admin whenever someone edits a file that you know
to be particularly sensitive.
Or it can alert an admin whenever somebody copies files en masse to a USB, a sign of potential
theft.
It could even alert administrators when someone deletes a particularly sensitive folder. On each
occasion, the admin will be able to see which user performed which action, which enables you
to pinpoint problems quickly and address them at the source — the user.
While this kind of technology will alert you to hackers acting maliciously — or even malicious
employees intent on doing damage on your network — prevention is always better than cure.
Keeping hackers out in the first place is always the safest option.
61 Cyber Warnings E-Magazine February 2017 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
