Could Your Business Survive A Major Financial Loss? - Part 1

Let's face it, criminals are after your hard-earned money. We hear about incidents daily, so let me try to summarise some of how businesses have had major financial losses in the not-so-distant past ....

Let's look at technology-based attacks first. Phishing emails are the ones most people know. You receive an email which looks identical to the ones you receive daily from your colleagues, but only this time, you don't spot the spelling mistakes and don't notice that the email domain is not your company domain name.

"And you don't notice that the logo on the email footer is a bit blurred!"

All in all, because we are so busy, we just click on the link and follow the instructions. Bang! The hackers are in! They have downloaded malware/spyware into your systems and will be snooping around for weeks and months to see what data and how much of it they can steal.

This may be bank account details and your customer data, names, addresses, dates of birth, social security/national insurance numbers ... all of which they can sell on the dark web or the physical black market to create even more damage at a later date.

IP hacking is another technology-based penetration of your systems. Hackers look for holes/back doors in your network architecture which may have been left open either for a specific purpose or by not knowing that the gateway was open in the first place. There are extensive rules on high-end routers that should be used in a business environment. These rules allow the blocking of unauthorised IP addresses coming in from random sources. In 2017 a casino got hacked because they installed a fish tank feeder/thermometer that used an APP to control it. The feeder was connected via the Wi-Fi to the network and was left vulnerable and open to an attack. You can read the details here, Over 10gb of data was extracted through the breach at the time.

Back to the present and IoT devices are in abundance on networks; be they for temperature, humidity, people counting sensors CCTV/fire alarm systems, printers, copiers and many more devices that can be hacked into without your knowledge.

Here's some food for thought: get a penetration test done on your networks and the report will identify all the gaps in your systems and confirm to you how good, bad or mediocre your IT support really is. Penetration tests are not cheap, but there again, neither is a data breach or bank hack.

And finally, if you get an SMS text message informing you that there has been a hacking attempt on your bank accounts, don't follow the links as they are a red herring and only lead to the hacker's front door. Always, always, always, log in to your banking apps directly and talk to the support team through there.

We'll talk about human-based manipulation, often called Social Engineering, that can lead to massive financial losses in my next blog post.

If you feel inspired to find out more then do call me on 07555 807700 or leave a comment below and I'll be in touch as soon as I can.