The risks are everywhere: hiding in email attachments, on USB sticks, creeping in through browser vulnerabilities and even through cloud storage solutions. Mobile phones can have malware hiding on them, waiting to destroy data on your mobile device or to be connected to your computer before unleashing worms and viruses.
For the standard user, the loss of data is frustrating, disappointing and might even put you off computing for life. However, things are different in small and medium businesses, where computing is a necessity for remaining competitive thanks to the productivity improvements it provides and the connectivity requirements it meets.
Most businesses will have an anti-virus solution installed, operating across all networked (and often even stand-alone) computers. Combined with a hardware firewall, this generally prevents malicious software from causing damage to servers, data stores and end users' computers.
Protection Against Cyber-Attacks
However, protecting against targeted attacks is another matter entirely. A cyber-attack could be instigated against a business or organization as part of an overall strategy to weaken services and infrastructure in a particular country, or it might be specifically aimed at a particular establishment in order to mine specific data for criminal purposes or intelligence gathering.
An example of a targeted cyber-attack is the Stuxnet worm, which recently disrupted a key uranium enrichment plant in Iran by attacking a Siemens-built component. The trouble caused by Stuxnet goes way beyond Iran, however, infecting factories and processing plants around the world wherever the Siemens S7-300 controller is in use.
Online security firm Symantec has reported that its cloud-based malware detection system identified 85 targeted malware attacks each day during 2011; this is in contrast to the 500,000 non-targeted, mass-produced malware emails seen daily. Such a small percentage can only mean that at least one group of hackers is specifically targeting certain businesses and organizations.
To help American business owners manage the risks from this kind of threat, the FCC has recently begun supplying a free online tool for planning against cyber-attacks, intended for use by SMEs.
The FCC Cyber Planner
Created by the Federal Communications Commission to help businesses plan awareness and training for employees who are more than likely unaware of the risks posed by targeted malware, the Cyber Planner isn't an anti-virus, firewall or anti-malware solution.
The tool instead offers guidance on a range of topics from scams and fraud to email and website security, and is provided free of charge via www.fcc.gov/cyberplanner. Offered as an action plan to provide information to employees about security dangers, this tool can be downloaded with all sections included or in a customized form with only the relevant topics.
The FCC's intention is that, once the plan has been downloaded and digested, small and medium enterprises will have the awareness and tools to protect themselves against a cyber-attack.
The best use for the tool is to couple it with a visit from a trained security specialist; your business might have someone suitable employed, or it might hire a consultant in this area for a short time in order to increase general awareness of the risks and audit systems and policies to turn up weaknesses.
The Risks of Targeted Cyber-Attacks
A recent article published by online security company Symantec paints a grim picture for all manner of organizations, whether they are educational institutions, non-profits, engineering firms or mineral and fuel companies.
By stealing confidential intellectual property, scammers have an opportunity to sell trade secrets to an interested party who might then use the opportunity to advance their own research, tailor their marketing and sales efforts to undercut competitors, or gain any number of other advantages.
The threat is real, present and dangerous, it seems, with one business subjected to targeted Trojans sent via email to every single one of its 488 employees.
The Modus Operandi of the Targeted Cyber-Attack
As protection against intrusion has become more sophisticated, the methods used by the attackers have developed into something approaching profiling. Rather than simply trying to break into a network via non-secure ports, the hackers target specific users. This is done by researching the organization and its personnel; hackers apparently identify weak links in the chain. These might be newcomers who may not have attended a system security induction, or older staff in administrative or management positions who may not be aware of the risks.
The next step is simple: with a target identified, an email with a Trojan attachment or a link to download such malware is sent, with the hope that the recipient will install the malware. With this done, the attackers can make light work of finding the information they're looking for.
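The delivery step described above can be checked for at the mail gateway. The following is an added example, not part of the original article: it parses raw messages, flags attachments whose names end in an executable extension (including double extensions), and groups them by file hash to surface one file sent to many staff. The messages, addresses, extension list and threshold are all constructed assumptions.

```python
import hashlib
from collections import defaultdict
from email import message_from_string
from email.message import EmailMessage

# Assumed list of extensions treated as executable; tune for your environment.
RISKY_EXT = {".exe", ".scr", ".js", ".vbs", ".bat", ".cmd", ".lnk", ".hta"}

def risky_attachments(raw):
    """Return (recipient, filename, sha256) for each risky attachment in one message."""
    msg = message_from_string(raw)
    hits = []
    for part in msg.walk():
        name = part.get_filename()
        if not name:
            continue  # body parts and inline content carry no filename
        lower = name.lower().strip()
        # endswith() also catches double extensions such as "report.pdf.exe"
        if any(lower.endswith(ext) for ext in RISKY_EXT):
            payload = part.get_payload(decode=True) or b""
            hits.append((msg["To"], name, hashlib.sha256(payload).hexdigest()))
    return hits

def campaigns(raw_messages, min_recipients=3):
    """Group risky attachments by hash; keep files sent to many recipients."""
    seen = defaultdict(set)
    for raw in raw_messages:
        for rcpt, _name, digest in risky_attachments(raw):
            seen[digest].add(rcpt)
    return {d: sorted(r) for d, r in seen.items() if len(r) >= min_recipients}

def build_sample(to, filename, data):
    """Build one constructed message for the demo; not real traffic."""
    m = EmailMessage()
    m["From"] = "hr-updates@example.net"
    m["To"] = to
    m["Subject"] = "Updated staff benefits"
    m.set_content("Please review the attached document.")
    m.add_attachment(data, maintype="application", subtype="octet-stream",
                     filename=filename)
    return m.as_string()

# Constructed sample: the same file sent to four staff, plus one ordinary PDF.
SAMPLES = [build_sample(f"user{i}@example.com", "benefits.pdf.exe",
                        b"constructed-bytes") for i in range(4)]
SAMPLES.append(build_sample("user9@example.com", "minutes.pdf", b"harmless"))

if __name__ == "__main__":
    for digest, rcpts in campaigns(SAMPLES).items():
        print(digest[:12], "sent to", len(rcpts), "recipients:", rcpts)
```

A filename check alone misses archives and links, so treat this as one signal alongside gateway scanning and user reporting.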
Thanks to the FCC’s tool, organizations can now take steps to increase awareness among their employees of what is perhaps the single most important online threat facing SMEs.
- Lee, Martin. “Targeted Attacks and SMBs”, http://www.symantec.com/connect/blogs/targeted-attacks-and-smbs