“Cyber intrusions and attacks — many of them originating overseas — are targeting our businesses, stealing trade secrets, and costing American jobs. Iranian hackers have targeted American banks. The North Korean cyber attack on Sony Pictures destroyed data and disabled thousands of computers. In other recent breaches that have made headlines, more than 100 million Americans had their personal data compromised, including credit card and medical information.”
This commentary doesn’t belong to a cybersecurity expert working for big business. And they’re not an assessment by a member of the intelligence community.
No, these words were published in an April 1, 2015 op-ed in Medium (a popular online journal) by none other than the 44th President of the United States, Barack Obama. They speak to the enormity and seriousness of the problem that cyberattacks initiated in foreign countries present to American businesses and citizens.
These concerns have not dissipated in the interceding years. In fact, the threat continues to grow.
Cybersecurity vulnerability isn’t just an American problem. It is a truly global concern. That recognition has driven international cooperation among the world’s governments, best exemplified by early agreements like the Budapest Convention on Cybercrime, and supported by more recent measures, like the Obama Administration’s Executive Order promoting the sharing of private sector cybersecurity information.
These efforts aim to protect consumers and businesses in developed nations, by building up capabilities and shoring up vulnerabilities in both developed and developing countries. After all, cybercriminals often operate more freely in less-regulated, emerging economies.
But, not all international initiatives succeed. In fact, nations like China, Russia and India have bristled at the terms of agreements like the Budapest Convention, preferring to keep their policies, capabilities and vulnerabilities closer to the vest.
So, while some global efforts are succeeding in identifying and bridging cybersecurity gaps – this paper by the non-profit Third Way captures the latest success and challenges – American businesses still face a digital environment fraught with danger.
As a business owner, you can appreciate the gains made by global cybersecurity cooperation. But, at the same time, you must also do everything you can on your own to secure your digital assets.
Protecting Your Business From International Cybercrime
There are a number of things you can do to minimize the chance of being victimized by international cybercriminals. This article from The SSL Store outlines a detailed, robust 9-step guide for cybercrime prevention:
- Follow industry best practices (GDPR, NIST, HIPPA, PCI SSC)
- Implement digital and physical security measures (antivirus, firewalls, etc)
- Keep up with asset lists, patches and software updates
- Manage SSL/TLS certifications and keys for your domain
- Train employees to identify threats and take appropriate and immediate action
- Implement email security solutions and run your employees through phishing simulations
- Monitor traffic and access to increase transparency
- Test and assess your systems regularly
- Develop, implement and enforce new security policies often
This a great, comprehensive list. The only problem is, it’s impossible to implement all of these recommendations for most small businesses. If you have the budget for a robust IT team, yeah, you can handle most of this in-house. But, most small businesses run a shoestring IT operation with one, maybe two, people.
So, What Can Small Businesses Do To Prevent International Cybercrime?
If you’re a small business, a more reasonable technical solution may be to simply wall yourself off from countries known to host a large number of cybercriminals. If you don’t do business in places like Russia, China, Brazil, or any other country from which a large number of cyberattacks are known to originate, then there’s no reason to leave yourself exposed to bad actors in those locales.
One solution we’d recommend is the SonicWall Geo-IP Filter. Configuring the filter is relatively straight-forward and easy. If you don’t do
any international business at all, you can simply block all international traffic and call it a day. If, on the other hand, you have a few international markets where you’re active, you can set up the filter to allow connection from just those countries.
But, what if you have a substantial number of customers in some of those less-regulated countries? For this scenario, you can create a “white list” of IP addresses that belong to your clients and you know are safe, and still block traffic from everyone else.
One word of caution: the Geo-IP Filter may not protect your network from VPN connections. VPNs are used to route internet traffic through one or several servers located in different parts of the world, masking the true origin of the user.
Beacon Knows Cybersecurity
Want some expert help setting up the Geo-IP Filter, or implementing any other cybersecurity measure? BITS is here to help. Give us a call today.