There is a story about a man who couldn’t keep his unrelenting neighbor out of his house. He built a fence, bolted the windows and even barricaded the chimney. Finally, thinking his house was secure, he sat down to relax with a glass of lemonade — just as the neighbor strolled in through the unlocked front door.
We often see this happen in data centers, too.
There are countless ways that cybercriminals can worm their way into business networks, and administrators often spend so much time focusing on the small details — scouring security logs for signs of intruders and running software updates — that they forget to think about some of the more obvious ways that information can be lifted.
Sometimes, the easiest way to take something that you want is to commit an old fashioned physical robbery.
Take what happened at Washington State University as an example. Recently, a WSU researcher discovered that an 85 pound safe with an important hard drive was missing from its holding place in a storage unit in Olympia.
According to KUOW, the drive holds the names of about one million people — as well as the Social Security numbers and health information for some individuals. Most of the information was connected to research that the university was doing for third party organizations.
As WSU Vice President of Communications pointed out, this was a well-planned attack.
"This was not a quick smash and grab, this was somebody who had to make quite a bit of effort to steal the safe, and then if they're ever able to get inside it's going to take a lot of work for them to do that as well. At this point we have no reason to believe the data has been compromised, but we can't know that for sure."
So take our advice: If you have something that is valuable to hackers, they will go to any length to obtain it. It’s just a matter of finding your network’s biggest vulnerability, and launching a targeted attack at the right time.
Universities, for that matter, are being increasingly targeted by cybercriminals.
The WSU case is just one example of a successful breach against a university. Last week, two major colleges in the U.K. — University College London and Ulster University — were infected with ransomware and knocked offline. Experts believe that in both cases, hackers may have exploited zero-day vulnerabilities in order to gain entry.
All universities should therefore take the time this summer to conduct thorough cybersecurity audits. Students may be on vacation until August, but hackers are still hard at work.
A new breed of hacktrepeneurs has awoken and they have little to fear and everything to gain by infecting as many companies as possible and extorting money from them. Apex Technology Services stands ready to protect your company regardless of whether it’s located in New York City; White Plains, New York; Connecticut; Australia; Europe; or anywhere else. Our full suite of cybersecurity and IT support services is at your disposal, enabling you to spend less time worrying about and more time growing your business.
To ensure your security, consider one of our most popular services — Auditing & Documentation — which pinpoints vulnerabilities in your infrastructure, process flow and internal security procedures.