There’s a dangerous myth that only government agencies, large organizations and other “big players” are susceptible to cyber-crime. This myth is believable since only the big players make the evening news. The tens of thousands of SMBs that collectively lose hundreds of millions of dollars each year go unmentioned.
The truth is, most successful cyber-attacks are random and incidental. The so-called “hack” that put John Podesta’s emails in public view was the result of a phishing attack, similar to the kind that plague the inboxes of every one of us. A carefully crafted email that compels its reader to click a link or open an attachment is the easiest way to get into someone’s computer. Most cyber-criminals are fishing with dynamite—one big email blast and they scoop up the victims with a net. Big or small, it’s all the same to them. It’s a volume business. They’re just as happy to empty your bank account as anyone else’s.
In the case of John Podesta’s emails, it is believed to have been a spear phishing attack—a phishing attack directed specifically at him. These are more likely to target prominent people, but are also used on small business owners. Another phishing variation has been coined “whaling.” These phishing attacks are specially crafted so their content and call to action attract executives and upper-level management. Whether it’s your email provider asking you to change your password or an attorney issuing a subpoena, the message is crafted to get your attention, your click, and maybe even your password.
Your employees are vulnerable targets to phishing attacks and other forms of hacking. Employees put businesses at risk in other ways as well. It’s important to educate them on the threats your business faces and how they may be aiding these criminals. It’s equally important to put technology measures in place to block hacking attempts. While technology can’t block everything, a mix of technology and employee education can go a long way in reducing your company’s risk of a cyber-attack.
If you’d like some help reducing the risk of cyber-attacks in your business, contact CMIT Solutions for a free consultation. We can help you with the technology and employee education needed to keep your business secure.