The Cascading Effects of a Cyber Incident

Recently, SolarWinds, a company that produces a network and applications monitoring platform called Orion, was compromised. A successful cyberattack that injected malicious code into the software gave the hackers access to SolarWinds’ customer data.  The attackers used several techniques to remain undetected while they accessed SolarWinds’ network and implemented a back door to their end-users’ systems. This well-orchestrated attack was aimed not only at SolarWinds but also many other organizations in a cascading fashion. 

It is easy for smaller companies to look at the SolarWinds incident and think that their small size might keep them safe from greedy hackers. According to a recent article in Commercial Integrator, ”the reality is, this kind of cascading impact is not always caused through sophisticated attacks as seen with SolarWinds. There are much simpler examples, one of which is the constant occurrence of business email compromise.” Often, employees use weak passwords without multi-factor authentication and cyber criminals can breach user accounts and launch phishing campaigns from a legitimate email account to an entire internal contact list. Unaware of a breach, employees are often fooled into changing invoice payments, bank account numbers or sending sensitive information.

In a 2020 study of 250 small and medium sized businesses (SMBs), 48 percent reported multiple serious incidents over the past year, averaging about three events per year. If the devastating effects of a cyber incident stopped at the theft of the target company’s information, it would be, for all intents and purposes, manageable. However, a closer examination will tell you that if a company’s information is stolen, so is the information of their customers, vendors, and employees.

Small and medium-sized businesses are uniquely susceptible to cybersecurity threats because they often lack the resources of larger enterprises to invest in more sophisticated and comprehensive solutions. For every high profile, sophisticated attack there are dozens of smaller ones that we just don’t hear about. In fact, 43 percent of online attacks are now aimed at small businesses, a favorite target of high-tech villains (more here).  COVID-19 has only made it worse, leading to a spike in global cyberattacks since the start of the pandemic.

Cyberattacks are increasingly hard to prevent

Cybersecurity prevention must be a process of continuous improvement. Regular updates to security assessments, employee awareness training, network firewalls, password security, and more are needed to keep threats at bay. Check out this checklist of 15 ways to help your business prevent a cyberattack to possibly uncover an area of vulnerability in your security stack.

Unfortunately, as the recent SolarWinds cyber incident shows, breaches are possible even when security measures are taken. SolarWinds’ response plan included updating their software along with numerous recommendations and remediation techniques. An incident response plan is a set of instructions to help IT staff detect, respond to, and recover from network security incidents. Having a response plan in place helps ensure that your business will survive a cyberattack and your employees will know exactly what to do in the event of a breach. These types of plans address issues that threaten daily work, such as data loss and service outages.

Know where you stand

The cost of a cyberattack is more than just monetary. Losses vary from business to business and can include a tarnished reputation, penalties/fines, loss of business credibility, cascading breaches to your vendors and customers, and in some instances having to close a business’s doors permanently.

Before it’s too late, you should create your own incident response plan. You can start by evaluating How Secure Your Office is, so you know what you’re up against.

If you aren’t sure where to start, work with a Managed Service Provider (MSP) that has cyber security expertise. Businesses often ask, “Can I afford to work with an MSP for our cybersecurity?” Due to the increasing cybersecurity risks and threats, the more important question to ask is “Can I afford not to?” After all, in the event of a security breach, your company isn’t the only victim.