Many times when I meet with a prospect I get the same 2 responses

#1 – We are too small !

#2 – We have nothing that a cyber criminal/hacker is interested in!

The fact is these 2 things are a MYTH. In this article I will explain why those 2 things are completely false and why you should be more concerned about it.

Breach Timeline

I like to explain what I call the Breach Timeline. First thing you must know, most of the time, cyber criminals don’t know(or care) who their target is! They are after 1 thing and 1 thing only, MONEY $$$. The lower hanging the fruit is the faster and easier they make money.

RECON/Scanning Phases

They go online to the dark web to buy blocks of IP addresses. Then using automated software, they scan each of these IP addresses for vulnerabilities.
Vulnerabilities are “holes” in your network devices or computers or other devices. Once a manufacturer is aware they send out fixes for these “holes”.

 

Proof/Drill Down

Once they locate some external vulnerabilities. They focus on them to see if they can make their way into the internal network. At this point they are repeating the scanning phase but internally. They are still likely using automated processes to perform this task.

Once they get inside the network, they look at each device to determine what kind of data is on them. Is there any PII, PHI, Routing/Banking information, Drivers Licenses, and etc… Each of these has a value on the dark web.

Let’s take for instance you have a spreadsheet with 1000 clients names. Each row has Name, Address, email address, physical address and cell number. That is 1000 pieces of data they can sell.

Extraction
Now at this phase they can either do 1 of 2 things.
1. Extract the data and then install ransomware so you can pay them to get that back
2. Extract, they just pull the data from your computer. If this happens you may not be aware that the data was stolen. Your information, Your Clients Information and Your Employees information. Are all on the Dark Web for sale.
How do you know if it’s happening?
Most of the time you will not unless they slip up. You may notice your computer slowing down for no reason. The internet is slow suddenly. The computer is doing “weird” things.
Without proper monitoring and controls in place you will never know. This is just 1 of the many attack vectors a cyber criminal will use.
Underdog Computer and Network Support, provides a “security first and proactive framework”. We put controls and monitoring in place to identify early and respond quickly if an attack happens