Celebrities who appear to be suddenly successful have long been called “overnight sensations.” In reality, most of these instant stars worked for years to perfect their skills before they got their big break.
Cyberattacks often follow the same trajectory. They are not always immediately disruptive because they are executed stealthily over long periods of time. Only when attackers feel confident in their breach capabilities do they strike.
Three Areas of Focus for Cybercrime Security
Enterprises employ sophisticated technologies to prevent such attacks, but there are other ways to intrude on corporate information that don’t rely on full digital access. Security professionals must train users to be aware of these three less obvious areas that can be exposed to create avenues for intrusion.
Servers are typically kept in secure locations. But with so much data moving to cloud-based environments, it’s easy to forget about the significant amount of sensitive information stored within office facilities. Depending on what is stolen in a physical break-in, the loss may be unnoticed for some time after the fact. Thieves can gain access by breaking locks or stealing keys from an employee’s desk.
Once they have access to server facilities, thieves can simply remove attached storage, backup media or even entire servers. Stealthy intruders might just plug their own removable drives into server ports and siphon files onto them, then leave. Users’ desktop computers may be protected from this kind of access, but because servers are assumed to be inaccessible, they seldom have that kind of protection installed.
Espionage can take many forms in many environments, and it is being practiced against enterprises around the world. In its most effective incarnation, victims are entirely unaware that they are providing information that can damage their company.
Determined data thieves go after small bits of information from a variety of individuals. They might make a phone call to the front desk to ask whether a particular person is out of their office, then send a maintenance worker to that office to find specific information. Or they might casually meet a targeted employee during his or her lunch hour after following them from the office, and then strike up a conversation from which to extract a seemingly innocuous, yet critical details.
Each bit of information gathered is eventually compiled to create a detailed understanding of the target company’s vulnerabilities. Since the efforts take place over an extended period with multiple individuals, the chances of detecting this kind of activity are slim. The only defense against this kind of social engineering is to implore employees to be wary of the tactics.
Protecting mobile devices while connected to Wi-Fi access points is part and parcel of enterprise security. But the number and variety of personal mobile devices is growing rapidly, and it’s common for employees to carry multiple connected devices, any of which they may use to connect to services within and beyond the confines of the enterprise. While company-issued smartphones may be secure, personal devices such as tablets and smartwatches could offer cybercriminals the opportunity to steal personal information even if enterprise data is locked safely away.
Employees may unwittingly allow access to these devices. Direct access to enterprise resources may be blocked, but workers sometimes save miscellaneous but critical information on their personal devices simply so they can access it more easily. Enterprises should actively and continuously inform employees of the risks of mixing personal and company information.
Determined data thieves will continue to find ways to gather any information they can to gain access to critical enterprise data. IT needs to maintain security around its digital assets and be aware of the less technical ways their companies can be exposed.