Tuesday, March 22, 2022

Attack!


Vulnerability scanning by Russians indicates the Kremlin is "exploring options for potential cyberattacks" President Biden warned yesterday.

"Harden your cyber defenses immediately."

Biden called cyberattack readiness a "patriotic obligation."

While big businesses are the likely target of the Russians, small ones are the most frequent target of cyberattacks in peacetime, according to Barracuda Networks.

A study by the cybersecurity firm found the average employee of a small business experiences over three times the number of cyberattacks that her counterpart at a large business does.

Fraudsters set their sights most often on small businesses because big ones have expensive safeguards in place.

CEOs and CFOs are the most common targets of the attacks.

Given their privileged access to systems, executive assistants are also popular targets, according to Forbes columnist Edward Segal.

Fraudsters in peacetime primarily use email to hack into and take over a business's computers, which they then hold for ransom.

Cybersecurity experts say at least one-third of small businesses are vulnerable.

More frightening than a systems takeover is fund-transfer fraud—because it's easier to pull off.

Fund-transfer fraud losses increased nearly 70% from 2020 to 2021, according to PropertyCasualty360.

Fund-transfer fraud is "one of the easier ways to monetize a cyberattack," the magazine reports.

Fraudsters use email to hack into a company and modify payment instructions on purchase orders and contracts.

They also send fake payment instructions that appear to come from vendors.

The average loss in late 2021 was $347,000.

Once again, small businesses are the most likely targets.

Fund-transfer fraud is not only easy, but potentially more profitable than a systems takeover.

That's because small businesses are less apt to pay a ransom for their computers. 

"Small businesses typically have less digital infrastructure, leaving hackers with less leverage during a ransomware negotiation," PropertyCasualty360 says.

How about you?

Are you prepared for a cyberattack?
Powered by Blogger.