Is Your Business at Risk?
When a cyberwar occurs, a business or private company will likely be caught in a crossfire thus putting it at risk or affected. A business is at risk if the platform used by attackers is widely used by consumers and within the company itself.
An example is when an attacker hacks a company server or database that will prompt the customers to change settings as a defense; the business operation is affected if the recommended settings do not meet the requirements to continue with operating the business. We can look at the recent incident in which a corporate giant advised its customers not to change the default password that could affect operations in a business. The company operated a widely used program to acquire and analyze data, which was targeted by a malicious program. The attacker created a program to create chaos by attacking the software used to control power grids, factories, and water-processing plants.
In the said incident, the attacker successfully exploited a security vulnerability in a Microsoft Windows operating system, which we all recognize as a widely used platform. Microsoft and the company's security vendors worked hard and hand in hand to prevent and stop the problem. Unfortunately, one of the company's clients was affected.
You might wonder why the above is called cyberwar. Here's why:
A security researcher has found vulnerability in Windows Shell, a component in Microsoft Windows operating systems. The details of the vulnerability including the proof of concept (PoC) was publicly published. The said PoC has been exploited by malware creators and hackers by creating a program to attack. The researcher and the affected vendor have a different principle or belief on how a software company, in this example, should act when a vulnerability is discovered and reported. The impact on business or consumers is seemingly not taken into consideration.
Clearly, such incidents are evidence that when a cyberwar occurs, it is not only consumers who are at risk but the business as well.
Resource: The Wall Street Journal at http://online.wsj.com/article/SB10001424052748703954804575381372165249074.html