Because it makes more sense for businesses to utilize available open source software, businesses are exposed to the vulnerabilities in these software. Hackers exploit this by issuing unexpected commands that will bypass logins or firewalls. Failure to look for recent upgrades for the software puts the business at risk since hackers can make use of the vulnerabilities in outdated libraries. The heartbleed bug in OpenSSL that allowed attackers to monitor information passed between a user and a web service is a good example of this.
Widespread adoption of mobile devices as primary computing devices has seen an increase in mobile device threats. The attackers capitalize on vulnerabilities in mobile applications or clone popular and legitimate applications. The aggressive ad libraries enable them to access personal data on the phone or even assess the user’s behavior. In June last year, researchers at NowSecure, a cybersecurity firm, exposed a vulnerability in the Samsung Galaxy phones predictive text software that hackers could exploit through public Wi-Fi and even cell phone networks to spy on the Galaxy phone users. Samsung issued an update to fix this problem.
Threats in Cloud Services
With the increase in popularity in cloud computing due to the security offered, more and more employees are bypassing security protocols set by their IT departments and utilizing services offered by cloud vendors. In March 2016, the Cloud Security Alliance (CSA) released a report that highlighted the top 12 cloud computing threats that employees and businesses face due to poor cloud computing decisions. These include data breaches since the vast amount of data stored makes cloud servers an attractive target, compromised credentials and broken authentication, hacked interfaces and APIs among others.
Stolen Data Aggregation
When data from a single business is stolen, it may not be valued at much. However, when data from a number of businesses is stolen, the value increases exponentially. In June 2014, the chain restaurant P.F Chang was a victim of this kind of attack. Payment information of a number of customers from different restaurant locations was compromised and the stolen credit and debit cards put up for sale on June 9th, 2014. This attack was carried out systematically over the months of March 2014 to May 2014.
Cyberattacks, on both big corporations and small businesses, is on an upward trend. Business owners can therefore not afford to be complacent when it comes to their security. Ensuring the equipment and software is up to date as well as employing the best cyber security practices allows businesses to assure their customers they are safe to do business with them. Talking to security experts and professionals will ensure they get the best security they can afford.