IT Untangled: What Do Hackers Want With My Business Data?
In the days of the “Wild Wild West,” stealing was as simple as who had the most guts and the biggest gun. Cue a western bank robbery scene with tumbleweed included.In the new millennium, stealing from businesses is fewer guns and more hacking. And while we understand why stealing from large corporations like Target or Amazon makes sense, why on earth would you hack the little guy? Believe it or not, small-to-mid size businesses are targeted more so than their larger counterparts.
But this idea still begs the question: Why?
The Business of Stealing Your Data
Hackers want your business data because it translates to money. Yes, it’s really that simple.
And while it seems as if your business data, except for maybe your bank account information, would be useless for hackers, they have found many ways to manipulate that data into a payday cash prize.
How Your Data Makes Dollars and Cents
Let’s start with this - how important is your data to your day-to-day operations? How much money, time, and trust are you losing each minute that your data is withheld from you?
This is the key.
Once they have taken possession of your data, they will keep it for ransom. The ransom price varies wildly – consider this, the more they know about your company, the more it’ll cost you to get it back.
But because you're clever, you have a secret, super secure backup and don’t need to pay the ransom because you can restore your data. No harm no foul.
But THEY also have a backup plan.
If you don't pay up, they’ll sell it elsewhere. Think: your biggest competitor, or on the deep web. And even if you DO pay it, they may still decide to sell it.
At the end of the day, information equals currency and hackers will sell it to the highest bidder.
But How Do Hackers Get My Information?
There are more techniques than there is time in a day to go over the “How.” The most popular are the following:
1. Weak Security Policies – avoid weak passwords! There are countless ways to figure out a Hackers use rapid random letter and number combinations until it’s cracked. If your company has been a target once or more, it might be time to consider a two-factor authentication process.
2. Phishing/Social Engineering – Email is like the carpool lane to your system for hackers. Hackers, posing as someone legitimate, requests information to “log in,” or tricks you into downloading a virus by clicking on a malicious link. Essentially, you’ve given them the information by handing them the keys to your Kingdom.
3. Missed Security Updates –Simply put, old(er) software has more vulnerabilities than newer software. That doesn’t mean you need to buy new software yearly, but it does mean, with age, you’ll need to be more vigilant about your security process.
Preventing Hackers From Getting Your Data
Prevention has many steps. Your best bet is to get on board with your IT service providers “best practices” for security.
First on that list is usually a strong password policy. The password requires complexity and a system that will lockout after a certain number of consecutive attempts are entered incorrectly.
Secondly, good firewall policies, such as having a VPN in place for remote connections, closing ports that are not being used, and logging traffic that comes in and out of the network are all vital ways to keep hackers from getting in.
Rounding out third is antivirus. As common sense as a good antivirus sounds, you’d be surprised how many times hackers have gone around them. A good antivirus will detect most viruses or malware that a hacker releases to gain access or to view sensitive information. The antivirus will prevent this malware from running on your system. But antivirus alone can't stop the attacks.
Lastly, Internet content filtering is also extremely important. These systems block certain web traffic, limiting the chances that one of your employees will visit a malicious website.
Your company information is worth something to someone, believe it. If your business is vulnerable, even in the slightest, a hacker will find that vulnerability and take your data. That is why it is important to keep your data protected at all times. Work with your managed IT service provider or IT department to set a strong security front against hackers for your company.
Questions? Think your security process could use some work? Give us a call at (800) 481-4369.
IT can be complicated. We're here to help "untangle" it for you.
IT Untangled aims to provide clarity on IT topics for business people. This weekly blog series will explain and discuss the complex world of IT, in words you understand.