Security & Vulnerability
I attended a Business Solution Summit hosted by Lexmark in Milwaukee, WI and was surprised by the stats given on data breaches within corporate America. It seems every time you listen to the radio, television or any news outlet, you hear about hackers, data breaches, cyber security, etc… In fact, every evening driving home I hear at least 3 commercials advertising “protecting your identity”. Never before has our country become so hostage to others looking to profit off of our vulnerability (and possibly innocence). For those who believe all you need to do is protect your Social Security Number and nothing bad will happen should think again.
Here are a couple of things I took away from the summit and wanted to share:
- $65 million = The total average cost of a data breach in the U.S. last year
- 36% = cause of information leaks – either malicious or accidental
- Information = intellectual property, state secrets, financial data, healthcare information, personal identification information
According to WSJ “Every major company has been attacked. We are at war! The absence of body bags doesn’t lessen the importance.”
The terms, Hacker, BOTS, Phishing, Social Engineering refers to outsiders and their methods to capture data which could be brought on by a terrorist or even a corporate competitor; however, Open Security Foundation found that 36% of all information leaks occurred from within a company’s own walls…meaning inside your own firewall. As stated above, this could be malicious or completely accidental.
What information are the “hackers” phishing for?
The answer depends on the “hacker” and the sources they have to draw upon – it could be large like Home Depot, Target, Anthem, IRS or a small business. Here in Richmond, VA we spoke to a client who had their information “hijacked” because someone innocently clicked a link or zip file attached to an email. Before you discount this and say, “I would never do that.”; or, “everyone in my office knows not to do that.” Think. This is how these people make their money and like everyone else in business, the better you are at your job the more you make. Some hackers might make a simple or sloppy attack plan and snag a few; and some take a little more time and make something look so authentic it fools even those who are on the lookout for scams. The client I’m speaking of was contacted and informed their data was being held ransom and for the price of $5,000 they would release the information. In this case the company chose not to pay and lost their data from the time of their last back-up.
Other information “hackers” are phishing for is intellectual property, state records and secrets, financial data, healthcare information or personal identification information, these were the primary drivers behind the Anthem and recent Federal Government breaches. According to one study, it’s not about credit card theft as much as it is about gathering as much information as they can to use. Of course we hear the big numbers like the Target breach – more than 40 million cards and Home Depot was more than 56 million! Bank Accounts used to be top – credit cards on the “dark web” (referred to by the FBI) is dipping and considered to be traded like a commodity. Records with personal information is on the rise, the more information you can collect about individuals, the more valuable. Imagine someone gaining access to not only your personal medical records, but your entire family’s medical records. What about your complete financial portfolio? Bank account information, mortgage information, retirement funds, liens, or, your Legal records? Bankruptcy, devoice, law suits pending.
How To Protect Your Information
Recently I spoke with two highly regarded owners of IT firms and asked how I can educate my staff to better fend off attacks like these. Their answer was, first start by never clicking on a zip file or any attachment from someone you’re not expecting something from. If you think it may be suspicious, call that individual and ask them if they sent you something. Second, have a good detection plan in place and ready to respond. Third, make sure you back up your data every day and know your data is good by testing the recovery.
All of this sounds scary and it should because no one knows how far this will go or the ramifications of it all. What I can tell you is Stone’s Office Equipment will provide your office with equipment to help eliminate some of the potential risks.
Isn’t Office Equipment At Risk Of Getting Hacked?
A couple of years ago, the CBS news ran a story about copiers having hard drives and how every time a document is copied, scanned or printed the image resides on the hard drive. They were able to “hack” into some of the hard drives and retrieve some pretty sensitive information. Once the story broke, we started getting calls from our customers asking if we knew about this and what measures Stone’s Office Equipment takes to protect their data. I talk more about that later.
- Copiers and MFP devices featuring a hard drive are wiped at the end of your lease or upon trade in. We’ll even remove the hard drive for customers and give it back to them so they can destroy it themselves.
- Lexmark MFP’s wipe the device after every job: copy, scan, print and fax
- Sharp copiers and MFP’s some standard with Lease Return Hard Drive Clean feature – wiping the hard drive back to new status
- Many devices we sell have Authentication – which will restrict the devices or users from performing tasks you don’t want
For more information about Security and Vulnerability, give us a call (804) 288-9000.