Cybersecurity: Small Business Solution to an International Problem

“Cyber intrusions and attacks — many of them originating overseas — are targeting our businesses, stealing trade secrets, and costing American jobs. Iranian hackers have targeted American banks. The North Korean cyber attack on Sony Pictures destroyed data and disabled thousands of computers. In other recent breaches that have made headlines, more than 100 million Americans had their personal data compromised, including credit card and medical information.”

This commentary doesn’t belong to a cybersecurity expert working for big business. And they’re not an assessment by a member of the intelligence community.

No, these words were published in an April 1, 2015 op-ed in Medium (a popular online journal) by none other than the 44th President of the United States, Barack Obama. They speak to the enormity and seriousness of the problem that cyberattacks initiated in foreign countries present to American businesses and citizens.

These concerns have not dissipated in the interceding years. In fact, the threat continues to grow.

Cybersecurity vulnerability isn’t just an American problem. It is a truly global concern. That recognition has driven international cooperation among the world’s governments, best exemplified by early agreements like the Budapest Convention on Cybercrime, and supported by more recent measures, like the Obama Administration’s Executive Order promoting the sharing of private sector cybersecurity information.

These efforts aim to protect consumers and businesses in developed nations, by building up capabilities and shoring up vulnerabilities in both developed and developing countries. After all, cybercriminals often operate more freely in less-regulated, emerging economies.

But, not all international initiatives succeed. In fact, nations like China, Russia and India have bristled at the terms of agreements like the Budapest Convention, preferring to keep their policies, capabilities and vulnerabilities closer to the vest.

So, while some global efforts are succeeding in identifying and bridging cybersecurity gaps – this paper by the non-profit Third Way captures the latest success and challenges – American businesses still face a digital environment fraught with danger.

As a business owner, you can appreciate the gains made by global cybersecurity cooperation. But, at the same time, you must also do everything you can on your own to secure your digital assets.

Protecting Your Business From International Cybercrime

There are a number of things you can do to minimize the chance of being victimized by international cybercriminals. This article from The SSL Store outlines a detailed, robust 9-step guide for cybercrime prevention:

  1. Follow industry best practices (GDPR, NIST, HIPPA, PCI SSC)
  2. Implement digital and physical security measures (antivirus, firewalls, etc)
  3. Keep up with asset lists, patches and software updates
  4. Manage SSL/TLS certifications and keys for your domain
  5. Train employees to identify threats and take appropriate and immediate action
  6. Implement email security solutions and run your employees through phishing simulations
  7. Monitor traffic and access to increase transparency
  8. Test and assess your systems regularly
  9. Develop, implement and enforce new security policies often

This a great, comprehensive list. The only problem is, it’s impossible to implement all of these recommendations for most small businesses. If you have the budget for a robust IT team, yeah, you can handle most of this in-house. But, most small businesses run a shoestring IT operation with one, maybe two, people.

So, What Can Small Businesses Do To Prevent International Cybercrime?

If you’re a small business, a more reasonable technical solution may be to simply wall yourself off from countries known to host a large number of cybercriminals. If you don’t do business in places like Russia, China, Brazil, or any other country from which a large number of cyberattacks are known to originate, then there’s no reason to leave yourself exposed to bad actors in those locales.

One solution we’d recommend is the SonicWall Geo-IP Filter. Configuring the filter is relatively straight-forward and easy. If you don’t do

any international business at all, you can simply block all international traffic and call it a day. If, on the other hand, you have a few international markets where you’re active, you can set up the filter to allow connection from just those countries.

But, what if you have a substantial number of customers in some of those less-regulated countries? For this scenario, you can create a “white list” of IP addresses that belong to your clients and you know are safe, and still block traffic from everyone else.

One word of caution: the Geo-IP Filter may not protect your network from VPN connections. VPNs are used to route internet traffic through one or several servers located in different parts of the world, masking the true origin of the user.

Beacon Knows Cybersecurity

Want some expert help setting up the Geo-IP Filter, or implementing any other cybersecurity measure? BITS is here to help. Give us a call today.

By | 2019-11-19T14:24:15+00:00 November 19th, 2019|IT Services|

Top Security Breaches of 2018

Some of the biggest companies in the world were hit by some of the biggest cyber security breaches in 2018. Of the 24 largest breaches of all time on the USA Today list, three of the top 10 occurred last year – Marriott, Under Armour and Quora.

But it’s not just the digital novices who are vulnerable. Cyber breaches were also a problem for tech-giants, like Google, Facebook and Twitter last year. If Google isn’t safe, what chance do small and medium-size business have of keeping their digital infrastructure secure?

A snapshot of the digital security landscape, afforded by a peek at some of the biggest breaches of last year, can at least give us an idea of what private business owners could be up against. That broad look should also provide the ammunition to assess what solutions need to be applied.

The Breaches

  1. Marriott: 500 million customers
    • What was stolen: names, addresses, email addresses, phone numbers, dates of birth, passport numbers, credit card and additional personal information
    • What happened: Reports of the breach alleged the company was hacked by foreign intelligence operatives. The vulnerability came via Marriott’s Starwood booking system, which the company purchased in 2016. Investigation revealed that the Starwood system was compromised since 2014.
  2. Under Armour (MyFitnessPal): 150 million customers
    • What was stolen: names, email addresses, encrypted passwords
    • What happened: The company discovered unauthorized third-party access to some of its customer data, but reported that its security measures kept the intruders from more sensitive information, such as GPS location, eating habits, credit card and Social Security numbers.                                                                     
  3. Google Plus: 52.5 million customers
    • What was stolen: names, email addresses, dates of birth, personal Google + session information
    • What happened: A security audit discovered that outside app developers could have had access to personal information of Google Plus users b/w 2015 and 2018. The company announced a breach affecting 500 thousand users in October (the breach occurred several months earlier). In December, Google revealed a second, bigger breach of 52.5 million users. Google is ending the Google Plus platform, and the breaches have helped to expedite its demise.
  4. Panera Bread: 37 million customers
    • What was stolen: names, addresses, email addresses, dates of birth and last four digits of customer credit cards
    • What happened: Panera was tipped to a database leak in August of 2017, but ignored warnings of security experts. The company failed to take action for eight months.

What Does This Tell Us?

It’s not every day that you’ll find yourself the target of government-sponsored hackers. Or is it? Reports have circulated for years about foreign hacking of corporate, government and infrastructure targets in the US.

Putting aside the fact that Marriott was potentially the target of international espionage, the company acknowledged a sub-optimal investment in cyber security. While internal security protocols did signal an unauthorized access to the system, they were not sufficient enough to detect the vulnerability during the acquisition of the system two years earlier. Marriott has since hired a new chief information security officer and began reporting on cyber risks to the company board.

Marriott, like Under Armour, was at least partially positioned to withstand cyber attacks. Both companies responded by studying their vulnerabilities and applying fixes in short order. Notably, they went to outside experts who could provide an honest, objective assessment of threats and recommend the right fix.

Google decided to keep the initial breach in-house – because they’re Google – and was burned by another, much bigger breach less than 10 months later.

Panera, on the other hand, mishandled everything – from the initial vulnerability, to the flagging of the issue by an outside security researcher. Eight months passed between when Panera was notified to when a fix was applied. And in the process, the company ignored a credible tip and efforts of an informed individual trying to help.

Hubris and presumptive arrogance on one end… insufficient deployment of security resources on the other. Despite the size of these companies, when it comes to cyber security, the execs of international corporations face the same type of problems and decision-making concerns as small business owners.

So, What Can Business Owners Do?

Well, the first thing to do is to acknowledge that cyber security is not your area of expertise. Guard against that hubris and arrogance by staying humble in your attempts to address this need. It’s ok to acknowledge that you’ll need the help of a trusted cyber security expert.

That said, the scale of the threats you’ll face is probably different than that of Marriott and Google. It’s unlikely you’ll face government-sponsored espionage. Small and medium-sized business are more likely to fall victim to ransomware attacks. As such, you’ll need backup and firewall services tailored to exploits favored by ransomware attackers.

At Beacon, we lean on the SonicWall Capture Advanced Threat Protection service to keep our clients free from ransonware and subsequent critical failures. The SonicWall platform is designed to discover and defeat zero-day (brand new) threats, and is set up to provide automated remediation – meaning you don’t have to lift a finger.

Beacon Knows IT Security

If you’re ready to take your IT security to the level it needs to be, give BITS a call. We’ll be happy to talk through the needs of your business.

By | 2019-03-19T11:57:50+00:00 February 26th, 2019|IT Services|