What Hackers Want From Your Network and the Damage They Can Do

February 2017: If you lock up something physical then you should lock up the digital version, too! Would you leave the front door to your house open all night? Would you leave your intellectual property or your customers’ files out on the curb?

Think of your network as a virtual representation of your property and you’ll understand what hackers want — something (anything!) someone else will pay for or will pay off for the hacker. Here are six things hackers do and some easy ways to thwart them:

1. Hijack your transactions
If you discuss pending transactions over email, a hacker can get in the middle of your discussion. There are many cases of a hacker getting into an email system and redirecting email so the hacker can pretend to be the other party. Transaction negotiations continue with the hacker. When the deal closes and it’s time to wire the payment, guess whose account the money is deposited in? Not the party who’s been impersonated, that’s for sure.

2. Hijack your servers
Firewalls for your servers may not be the most exciting technology to think about but if yours aren’t up to snuff, the FBI just might show up at your door. Hackers use unprotected servers to launch cyber attacks and store the data they stole from other hacks. So, if your servers are used in the commission of a crime, you can kiss them goodbye for a while. The FBI will need them to make their case. Even the most skilled lawyers will likely have a tough time getting them back for you anytime soon.

3. Profit from insider information
Sure, your employees know they’re forbidden to use inside information to profit on the market but hackers can certainly use (and sell) insider information — and they do. They infiltrate networks and look here and there, gathering information and being patient. Then, when the time is right, they sell the information on the dark web. Hackers also use stolen business information to poison deals or put themselves in a position to profit from deals in progress.

4. Sabotage your business
Competition can be ruthless. Payback can be brutal. So can greedy or desperate people. Hackers use stolen information to interfere with business operations, take down websites, delete and change files, sell files to competitors, embarrass people, wage disinformation campaigns — there’s no telling how many creative ways your information can be used against you. Hackers will be able to think of a lot more ways than you can because that’s their day job.

5. Sabotage your business — from the inside
The last thing you want to think about is one of your own attacking you. But it happens all the time. Recently, a company was getting ready for a round of layoffs and a network engineer found out that he was on the chopping block. So, he deleted all of the configurations on all of the routers, leaving the company’s entire communications infrastructure crippled. Leapfrog has witnessed unfortunate insider attacks related to companies that have not taken proper controls to secure email.

6. Leak or publish your information
You may not be running for elected office but you probably still don’t want your emails or internal information spread far and wide — or held hostage for ransom. Especially if you’re in the middle of a merger or a crisis of some kind. Whether they’re showing off their hacking abilities, trying to influence decisions or public opinion, shaming, whistleblowing, or disseminating confidential information for any other reason, it’s still your information. Your property. And while reputable journalists publish information considered to be for the public good, not-so-reputable people do it for clicks.

Keep in mind that even if you think it’s unlikely any of the above scenarios would play out for your business, you still have a fiduciary (and ethical) responsibility to prevent access to what hackers want — information that could harm someone else or steal from them. Depending on the situation, you could even have some degree of liability.

Why small businesses are most vulnerable to hackers
Does your business have fewer than 100 employees? Then you are very attractive to hackers! Even if your business is tiny. That’s because you probably haven’t taken steps to protect yourself in the same way that larger companies have. If your practices include things like storing passwords in one place or not having a password policy at all, it’s like chum to the hacker sharks. And it can be devastating to companies.

Free and cheap practices that can boost your security exponentially
You don’t need to go out and buy fancy firewalls. You can make your company (and home) more secure by using things you already have and pay for:

  • Set up password expiration policies. Set a reminder to change your passwords every quarter or so.
  • Set up a password lockout. Use lockout features to prevent account access after too many wrong password attempts.
  • Set permissions for files. Use a need-to-know policy — it’s not rude, it’s smart.
  • Encrypt hard drives. Enable encryption on each operating system (Windows 10, Mac)
  • Use multifactor authentication and biometrics if you can. Extra levels of security send hackers packing.

A break-in is a break-in, whether it’s virtual or IRL (in real life). If you follow the five simple pieces of advice above, you’ll be ahead of most, which makes you safer almost instantly! If your business needs to know what else to do, feel free to contact us. Leapfrog helps clients understand what hackers want from your type of business and how they can protect themselves. We manage and advise on dozens of cybersecurity issues and offer solutions, including Unified Threat Management (UTM) and intrusion and prevention detection.

[well size=”sm”]If your goal is an optimized IT environment that helps your company grow and prosper, you need highly effective Help Desk support. The faster problems get solved, the sooner your team can get back to work. Leapfrog offers a range of managed IT services, including 24/7/365 Help Desk Support. We pride ourselves in our lightning-fast resolution speeds and deep knowledge of all things IT. Customer service as Priority One means no more bottlenecks![/well]