Carl Mazzanti is the president of eMazzanti Technologies in Hoboken. | When business owners think about cybercrime, it is easy to imagine a lone-wolf individual in a nearby neighborhood launching a hack or other digital attack. That still happens, but the threats increasingly originate overseas, often with government backing. This was amply illustrated when I recently reviewed the FBI-maintained “Cyber’s Most Wanted” site, which looks a lot like the “Wanted” posters frequently found in post offices and police stations. |
One “Most Wanted” box listed the “Russian FSB Center 16” – a successor to the KGB. Another was labeled “Chinese PLA Members, 54th Research Institute” – an arm of the Chinese military. Digital criminals with government ties from Iran and North Korea were also highlighted, reflecting the “Big Four” group of major international APT — advanced, persistent threat and other actors: APT28 (Russia), APT33 (Iran), Lazarus Group (North Korea), and APT41 (China).
This prompts two questions: Why are nation-states attacking businesses? And how can a business defend itself against an onslaught of hackers backed by the power of a major nation?
The cyberwars waged by nation-states against businesses may seem like a David versus Goliath match, but even smaller organizations can mount a significant defense when they work with an experienced Cyber Security managed services provider. A successful strategy will leverage two prongs: human and digital. The human effort involves training to avoid phishing and other attacks that lead to the exposure of confidential information.
In a phishing attack, a cybercriminal will send emails or other messages that appear to be from a legitimate company to get employees to act in a certain way and reveal personal information, like passwords and credit card numbers; wire funds to wrong parties; open an infected attachment; or click on a malicious link. Besides using “spoofed” email addresses that appear to be from legitimate sources, hackers often strengthen their attacks with realistic-looking websites.
Businesses, however, can teach employees to recognize telltale signs of a phishing attempt: messages with a sense of urgency, slight errors in the sender’s email address or URL, poor grammar or spelling, or unsolicited attachments. Employees should also know what to do when they spot a phishing attempt, such as reporting it – whether the attempt was successful or not – to the appropriate security or other personnel to help ensure that other users in the organization will know to be prepared.
As Target discovered the hard way, third-party vendors can also be a potential risk. Savvy businesses will vet their vendors by establishing procedures for regular check-ins and reviews to verify that vendors adhere to policies and contractual security requirements; and by requiring them to submit updated audits and security certifications at least annually. Businesses should also periodically send Cyber Security questionnaires to their vendors and, if feasible, conduct on-site assessments to ensure that their security controls continue to meet required standards. By proactively monitoring vendors, Cyber Security issues may be addressed before a breach occurs.
On the digital side, defenses will typically start with multifactor authentication enabled across all connected devices. An MFA initiative can reduce the opportunity for identity fraud by requiring users to provide identity verification – like entering a code received via a mobile device – before they are granted access to an account or an app. Other digital defense strategies could include strong password policies and developing a blueprint to secure an organization’s domain name system, which identifies computers reachable through the internet or other internet protocol networks.
Considering the nature of the Big Four nation-state threat actors, businesses should also look into geofencing. This firewall-based feature automatically looks at the IP address of incoming traffic or network requests, identifying where the traffic originated, and allowing users to set up a digital barricade that blocks network traffic from specific locations.
Goliath-sized actors will continue to attack businesses and other organizations of all sizes. But companies that take proactive steps to guard their sensitive data will be able to stand tall and improve the odds that they can resist the onslaught.
Microsoft Exchange provides multiple ways to control email communication in a business. Shared Mailboxes and…
Remote working was once a niche specialty, only used by tech-savvy and freelancers. But in…
While we live in a digital age, print is still a staple for many businesses.…
Increasingly, email communication is playing a pivotal role in business operations, facilitating collaboration, customer engagement,…
As the digital landscape evolves, businesses of all sizes face the challenge of managing complex…
In the evolving landscape of information technology, businesses constantly seek the most efficient and cost-effective…