Avionics News May 2012 - 58

series

BUSINESS BASICS
B Y G R E G L A S L O

Hacked Off
ccording to legend, infamous bandit Willie Sutton once quipped that he robbed banks “because that’s where the money is.” During the course of a 40-year criminal career, he’s credited with helping himself to more than $2 million of other peoples’ money. Today, that’s lunch money for a new generation of thugs, the cybercriminals. They are not only going where the money is, they are going where the security isn’t. They are going to small-business computers and websites. In 2010, the number of cyber attacks on businesses increased five-fold from the previous year, according to the U.S. Secret Service and Verizon Communications’ forensic analysis unit, which together responded to more than 750 significant data breaches; nearly two-thirds were at companies with fewer than 100 employees. And, it’s going to get worse before it gets better. Certainly, malware and Web-malware – two flavors of malicious computer code designed to infiltrate your computers and website – can affect your shop’s productivity, since each attack causes downtime as it’s cleaned up. But, that is the least of your problems. “There are three major concerns,” said Maxim Weinstein, executive director of StopBadware.org, an industry trade group. “The first is a financial threat: money
58
avionics news

Protect Your Shop – and Your Customers – from Cyber Attacks

being stolen from your bank account. The second is the potential to lose sensitive data – both yours and your customers’. The third is a threat to your reputation when you have to explain your bad luck.” While there is no foolproof way to prevent a cyber attack – given there may be as many as 14 million bits of malware floating around in the online Ether, according to security-software publisher McAfee – you can avoid being foolhardy by understanding why your shop is at risk, what criminals hope to gain by hacking you and what you can do to lessen your exposure to the threat. This time, it’s your money at stake, and you can’t afford to let your guard down. Business Prospects The first thing you need to recognize is that small businesses are easy prey. “Cybercriminals are opportunistic,” Weinstein said. “In many cases, they’re not targeting anyone. All they’re doing is targeting vulnerabilities that they can find in technical systems.” Since you probably don’t have a team of IT people to stand guard, fix known vulnerabilities or even keep dozens of bits and pieces of software up-to-date, you’ve got one strike against you. Here’s strike two: Most small businesses assume they have nothing criminals would want. According to a 2010 survey

by the National Retail Federation and First Data Corp., 64 percent of small- and medium-size businesses didn’t think they were vulnerable to card-data theft, and half failed to assess their security safeguards. But, according to Visa, which knows a thing or two about credit-data theft, 95 percent of the credit card breaches it deals with are from small-business customers. You will strike out if you don’t take basic precautions. Indeed, most small businesses don’t. Thirty-six percent say they rely on free consumer antivirus applications, 31 percent use no anti-spam protection, 23 percent use no anti-spyware, and 15 percent have no firewall in their network, according to a Panda Security survey. Thirteen percent use no security at all. “It doesn’t take the criminal any more time or effort to do a hundred sites than it does to do one,” Weinstein said. That’s because they use automated programs to sniff out websites and computers ripe for infiltration. Their computers do the heavy lifting efficiently and secretively. As a result, hacking is big business – potentially $1 trillion globally. While some foreign governments and their sympathizers are culprits in a variety of breaches, and disgruntled employees or political rabble-rousers are guilty in a handful of others, the rank-and-file criminals are

•

may

2012

http://www.StopBadware.org

Avionics News May 2012

Table of Contents for the Digital Edition of Avionics News May 2012