April 15, 2020
Homefield IT
Business IntelligenceCloud ServicesIT Consulting & StrategySecuritySoftware DevelopmentTech Support & Managed IT ServicesTelecommunicationsConstructionEducationFinanceHealthcareLegalReal Estate
As we’ve written about before, cyber risk is growing among small and midsized businesses, as hackers leverage new technologies like machine learning and the dark web to launch effective cyberattacks at an unforeseen scale.
What many vulnerable smaller businesses don’t realize is how political instability and conflict shapes today’s threat landscape. In their recent Global CEO Survey, PricewaterhouseCoopers found that 72% of global CEOs think their company will be affected by geopolitical cyber activity, while just 15% feel their organizations can confidently withstand such an attack.
That level of awareness is significantly lower at small and midsized businesses, which puts this already unguarded group of companies at increased risk during times of conflict.
China Leverages National Resources for Commercial Gain
The recent trade war has heightened already tenuous cybersecurity relations between the U.S. and China. Motivated by a zero-sum goal of economic dominance, Chinese hackers have ramped up already significant attacks on U.S. businesses, targeting those with intellectual property that could help give Chinese key industries a competitive edge.
While the U.S. government has continued to indict Chinese hacking groups for these financially-driven attacks, legal measures have yet to yield any significant positive result. China remains, in the words of the present administration, “the world’s most active and persistent perpetrator of economic espionage.”
APT10 is one of China’s most active hacking groups. They’ve been linked to attacks on American utilities, European airline manufacturer Airbus, major law firms in the United States, and countless other smaller attacks in just the last few years.
Russian Hackers Operate with Tacit State Approval
Several major groups of Russian hackers operate for economic gain with an obvious feeling of impunity. These groups have been responsible for some of the most financially ruinous cybercrimes in recent years, including the theft of over 100 million dollars from hundreds of banks in the West. As with China, the U.S. government has taken punitive action against some of the more nefarious Russian hacking groups, but that has failed to stem the consistent attacks.
Have you heard the names Maksim Yakubets and Igor Turashev? These two, part of the Russian hacking group “Evil Corp,” launched the lucrative “Bugat” and “Zeus” malware, which stole tens of millions of dollars from thousands of American small and midsized businesses. They’ve also worked closely with the Russian government on various state-sponsored attacks over the years.
Political Instability and the Rise of Iranian Threats
Iran is a long-term cyber enemy of the American business community and government. In the last few weeks, the specter of all-out cyberwar with Iran has increased dramatically, prompting the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency to issue an official warning.
There is a long history of Iranian attacks on the U.S. private sector. Notable cases include the hacking of the Sands Hotel and Casino network in 2015, which cost the facility over $40 million in damages. Since then, Iranian hackers have launched high-profile denial of service attacks on several American businesses, with a focus on financial institutions.
Since the death of General Soleimani, there are signs that Iran is preparing to use its large army of cyberwarriors to launch new attacks on the U.S. Wired magazine just reported last week that Iranian hackers had started “password spraying” the U.S. electricity grid, hoping to compromise weak accounts.
How to Respond to Global Cyberthreats
The threat of cyberattacks from foreign sources is real, so what can you do about it? Thankfully, there are concrete steps that you can take to help protect your organization. To prepare early with the best-in-class security measures, we encourage you to reach out to Manhattan Tech Support, an award-winning MSP, for more information.
Proactive System Maintenance is Your First Line of Defense
There is no such thing as “one and done” cybersecurity. Your network evolves every day as you create new data, add and remove software, integrate new services, and grow your business. Ensuring strong I.T. security to meet the threat of nation-state level attackers requires proactive and ongoing vigilance.
Patch and update systems
Every device in your network, including your routers, firewalls, P.C.s, servers, and mobile devices, must be kept up to date. Because knowledge of software and hardware vulnerabilities spread like wildfire across the dark web, not being proactive about this work leaves foreign hackers a huge opportunity to infiltrate your network.
Regular Vulnerability Scanning
Vulnerability scanning uses a specialized set of tools to inspect your network and look for potential points of entry. There are two main types of vulnerability scan:
- Authenticated scans, which assumes an attacker has credentials to access your data
- Unauthenticated scans, which searches for weaknesses that any hacker could exploit.
Manhattan Tech Support, and its dedicated I.T. security division Kaytuso, helps businesses combine the latest vulnerability scanning techniques and technology to meet their unique security needs.
Informed Employees Are Crucial To Create A Strong Security-Focused Work Culture
Many of the high-profile security breaches mentioned above all share a similarity — they started with an employee lapse in judgment. Whether it was failing to identify a phishing email, falling victim to another form of social engineering, or losing a device – educating your employees is a crucial way to improve I.T. security across your organization.
Studies show that regular employee training is more effective than large, one-off events. That’s why Manhattan Tech Support offers regular, online cybersecurity training sessions that keep your staff aware of the latest cybersecurity best practices, including phishing awareness, data loss prevention techniques, social media digital hygiene, and more.
Click here to learn more about our cybersecurity awareness training solutions.
Deploy Tools and Processes for Incident Response
Another important tool in keeping foreign hacking groups at bay is your security incidence and response processes. As networks grow in complexity and the volume of production data increases exponentially, these platforms have become crucial to helping companies address cybersecurity events at scale.
A strong cybersecurity incident response plan should include the following elements
- Tools for monitoring your network devices, detecting security incidents before they do significant damage, and alerting system administrators of any cybersecurity events.
- Staff members and toolsets for analyzing each security incident, which includes gathering digital forensics and analyzing data to assess damages.
- Having strong, documented policies in place to respond to cybersecurity events, with clear lines of communication between stakeholders.
The Surest Path to Security is with Award-Winning Cybersecurity Services
While the right intelligence and processes can help you reduce the threat of cyberattack from outside the U.S., there is no replacement for comprehensive cybersecurity service from a team of professionals. For over two decades, Manhattan Tech Support and its dedicated cybersecurity division, Kaytuso, have been providing world-class cybersecurity consulting and service to businesses across the United States.
If you’re interested in better protecting your business from threats— both domestic and foreign – why not reach out and ask us how we can help? Contact our friendly team of experts at any time at [sales-phone] or [email-address].
