On June 5, the U.S. Office of Personnel Management admitted that it had been the victim of a vicious cyber security attack which may have compromised the identity of up to 4 million current and former federal employees. According to The Wall Street Journal, the federal government suspects China may be behind the breach, but officials in Beijing continue to deny involvement.
This isn't the first time this year China has been suspected of being behind a cyberattack on the U.S. According to Reuters, at the beginning of May, the U.S. government queried China as to whether hackers within its borders had turned internationally hosted content into a weapon to attack U.S. websites.
Cyberattacks continue to grow in number and intensity. The federal government, especially, is encountering cyber security issues on an elevated level. An April 2015 report from the Government Accountability Office (GAO) indicated that information security incidents increased from 5,503 in fiscal year 2006 to 67,168 in fiscal year 2014. In another report, the GAO also stated that 19 of 24 major federal agencies have lacking information security controls. In May, the Internal Revenue Service reported that it had suffered a hack wherein prior-year tax return data of 100,000 U.S. households was compromised by identity thieves. These and other large-scale incidents point to a growing need for better security and contingency plans to protect, prevent, and recover from a data breach.
Protect your data
Many SMBs think they are protected from mega breaches such as these. And while an attack of such magnitudes may be uncommon for small and midsize businesses, it does not mean they are off the hook. In fact, according to the National Cyber Security Alliance, smaller businesses are bigger targets because they have fewer defense resources than large enterprises.
The first step to protecting your data is realizing that it is not safe. If your business keeps confidential client and employee information, such as Social Security numbers, bank account numbers, or similar - you are a target for cybercriminals. The easier your system is to hack, the greater the odds of it happening.
Cybercriminals use very sophisticated malware to gain entry into your systems with the intention of disrupting, damaging or stealing data. The two most common types of Malware, according to Cisco, are viruses and worms. Both types are able to self-replicate themselves to spread from one computer or another. Trojans are named after the famous Greek horse used to gain entry into the center of Troy. It's unassuming appearance lures the user into opening the malware which then activates itself to attack the system.
Bots, on the other hand, are automated malware that can scour the Internet to gather information without human involvement. Bots are particularly threatening to businesses because of their ability to capture and store information. Bots are also harder to detect, often exploiting systems that have recently been attacked by other malware.
Know your vulnerabilities
The first step to protecting your company's data is knowing its vulnerabilities. Conducting a health check of your systems will uncover areas of weakness that could put your data at risk.
There are a number of ways to help keep your data protected. Keeping your systems and applications up to date with the latest patches and versions will help keep them secure. There are also a number of security options available, such as email filtering, SPAM protection, Malware control, Firewalls, etc.
For businesses that cannot afford a robust security solution, consider the cloud. Cloud-based datacenters generally have enterprise-level security, an option that most SMBs cannot afford as a standalone service. If your business is not yet ready to make the transition to the cloud, a hybrid-solution may work better. Store non-critical information and applications in the cloud, while having separate, dedicated systems for sensitive information and line of business applications.
The threat is real
The risk of cyberattack is real. Data protection grows increasingly more important as the number of breaches continue to rise. Experian's 2015 Industry Forecast predicts that breaches will only get worse in the coming years, citing new opportunities for hackers with the increase of IoT and Cloud adoption. The forecast report also predicts employee negligence to be the leading cause of security incidents; and a marked shift in accountability from IT personnel to corporate leadership.
If the increasing threat of a malicious attack is not convincing enough, consider the costs associated with a data breach. According to the Ponemon Institute, the average cost of a data breach is now $3.8 million, a 23 percent increase since 2013.
Don't undervalue the importance of protecting the company's biggest asset, it's data. Contact Pinnacle, An Advanced Imaging Solutions Company to learn more about its data protection offerings.