Cyber Threats & Hacking Are A Concern For US Companies

Many companies are naive regarding sophisticated hacking.

The first-ever World Internet Conference was held in Wuzhen, east China's Zhejiang province in Nov 2014. Photo: Imagine China

(SALEM, Ore.) - Corporate cyber crime has become a commonplace in the US business industry. Last year saw a deluge of hacking attacks at banks, insurance companies and retailers.

According to one estimate, the attack at Sony Pictures forced a major company to abandon an $80 million dollar project, and ended up costing Sony around $150 million - $300 million.

Chinese hackers have also shown intent to target US companies for financial gains. Just recently, GitHub was targeted by Chinese cyber criminals in a DDoS attack that overloaded the website and prevented legitimate visitors from accessing the site.

Two pages on GitHub were compromised by the DDoS attack, and both were hosting content that spoke against Chinese authorities.

Also, GreatFire previously revealed evidence on its site that how cyber criminals conducted man-in-the-middle attacks to target websites of some of the biggest technology companies in the US, including Google, Apple, Yahoo and Microsoft.

The attack involved the use of forged certificates that pose as authentic to impersonate a site and gain access to user credentials.

However, many companies remain ignorant of the possible solutions or the increased risks they face. They do not realize that they can be compromised from what appears as a harmless source. For example, their business website or an email from an employee’s smartphone that was compromised could result in significant damage.

They don’t understand how sophisticated hacking has become since the last decade.

Apart from the loss of consumer trust and negative media attention, hacking can also have a negative impact on the share price of a company. Also, companies may not share news of the breach with investors.

State and Federal lawmakers are making efforts to sharpen disclosure rules about breaches and compromise of customer information. Target Corp. disclosed their breach, and it significantly affected the company’s share price.

What can be done?

The US government has the prime responsibility of developing a cyber security framework that reduces threats to US businesses. However, companies can take several measures on their own to greatly reduce the risk to their critical databases and networks.

These include the following:

• Protect their websites

  A growing number of US companies find their websites being the first target of cyber criminals; this is because they are a gateway to company servers that store other sensitive information. As a result, it is vital to improve the security of your website by implementing threat notification systems and reducing SQL vulnerabilities.

• Beef up password security

  Weak passwords are also a cause of compromise, but having different passwords for multiple websites you own can be a hassle to manage. In such instances, businesses have the option of using a password manager for quick and easy access and effortlessly signing in to their sites with just one master password. Some solutions also include features that store important or frequently accessed information in a safe and convenient location.

• Educate their staff

  Staff education can make a big difference to a company’s security strategy and secure endpoints that often lead to compromise. Staff can be educated on cyber security through company-wide training programs. A staff member who is aware of cyber threats can make better decisions to protect his/her company. For example, employees equipped with cyber security knowledge are likely to identify phishing attempts via email.