“At this time, the malware targets banks, payment card providers, mobile services providers, payroll, webmail and e-commerce sites in the U.S.,” https://threatpost.com/new-icedid-trojan-targets-us-banks/128851/
Cyber vulnerabilities and exploiting them are, more often than not, about money. Cyber criminals continue to look for “soft spots” in order to exploit a company’s, or country’s, Intellectual Property (IP) or sheer economic gain. Either way, this is an economic drain to legitimate entities trying to protect and defend their own private property and/or resources.
Ransomware is available on the dark web starting around $29.95 for any teenager to purchase. However, it is not the teenager that typically employs such tools. Sophisticated but malicious coders all over the world combine that with phishing and other attacks to gain access to a targeted network.
The fact that the NSA, Equifax, Deloitte and many others have been hacked should be a wake-up call regarding our processes and manpower. Many of these entities have the financial resources and have already deployed the “best cyber security products money can buy.” But it is not about purchasing power. If it was, only the top companies could afford protection and the rest, well, would be floating helplessly in a shark tank.
Thankfully, this is not the case. Yes, good, solid cyber security products are available through manufacturers and VARS. But products are only one leg of the stool. In my experience, many of those products are only partially utilized. Budgetary decisions drive what resources are committed to what products/departments which can impede cyber security, your customers and, ultimately, your trustworthiness in the industry.
According to an article by the Denver Post, over 60% of small- to medium sized businesses cannot survive and go out of business within 6 months of a hack. While any organization’s products or services are vital, just as important is your constituents/clients/customers trust that you will protect their privacy. At all costs. No excuses.
There was a time when customers were told to take their hacked-entity-grudgingly-provided LifeLock subscription and go sit in the corner waiting to see if their lives get turned upside down. The daily ticking clock in the background was stressful and deafening. For those who became victimized by those breaches, it was far, far worse.
That tide is turning as providers of goods and services, whether private sector or government, are coming to realize that integrity, brand and trustworthiness means everything. Thinking businesses are actively seeking ways to communicate, collaborate and innovate with fellow-businesses. Forward-thinking businesses are looking for ways to do the same with their consumers.
Today, there is a war. A cyber war. At risk is our economy, intellectual property, quality of our lives and individual peace-of-mind. Either we appropriately “suit up and show up,” or we embrace institutional and institutionalized victimhood.
“Better to be a warrior in a garden than a gardener in a war”
Unknown, but often attributed to Sun Tzu