Revenge is the new cyber risk
True crime aficionados, there’s a whole new subgenre out there for you: hackers for hire. Yes, you can hire a cyber thug to to wreak havoc on your enemies, be they corporate or personal.
Do you resent the poor job your remodeling contractor did on your kitchen? Is an ex-girlfriend stalking you? Did your boss give you a less than stellar review? These grievances are easily taken care of by hired hackers who flood websites with traffic that knocks them out and launch malicious attacks on servers.
Don’t get any ideas about considering using such a service.
Four administrators of such a service were recently arrested and their servers seized through the efforts of 12 international law enforcement agencies. According to Europol, the law enforcement agency of the European Union, hack-for-hire webstressor.org had more than 136,000 people registered on its site. Over 4 million Direct Denial of Service (DDoS) attacks were launched by the service in recent years. Some reports put that number at over 6 million. Americans made up the majority of both targets and customers.
According to law enforcement, webstress.org is arguably the most successful of the hacker-for-hire sites. Its alleged administrators were arrested, but police across the world are now paying visits to their users. Users across the world are being either arrested or issued warnings about the consequences of continued use of DDoS products.
Protecting against an attack
I specifically warned about increasingly creative cyber attacks in an earlier blog post: “We might as well call them artists because their creativity knows no bounds. Cyber criminals are constantly outsmarting software developers and IT professionals.” The same post discusses the fact that small businesses are more at risk than large ones.
Thirty-one percent of all cyber attacks take place in companies of less than 250 employees. Unfortunately, 40% of small businesses have no contingency plans in place. An attack that shuts down your website or results in a data breach could devastate your business or even bankrupt you.
Hackers aren’t only people who can shut your business down. Email scammers, negligent IT departments, cyber extortionists and disgruntled employees can also put your business and assets at risk.
What you can do
Making risk management a priority is the best protection for your company and your customers’ information.The the following questions can help determine area of weakness that need your attention.
- Is your company following best practices for handling specific types of data?
- Does your company have written data security policies and procedures in place?
- Does your company have cyber risk insurance coverage?
- If there a designated person in charge of IT security? Does the company have a data back-up plan?
- Does the company have an incident response plan?
We invite you to read 8 Tips to Reduce the Risk of a Cyber Attack. Every small business is vulnerable, which is why we offer a Cyber Risk insurance policy that meets your organization’s specific needs.
