Blog / Are you important enough to get hacked?
There’s an interesting misconception out there—a myth, if you will—that your organization is too small and unimportant to be worth hacking or being held to a ransomware demand. It’s comforting to believe, for any reason, that your organization won’t suffer an attack. It may not be true, but it’s comforting.
I think this belief comes from the way that hackers are portrayed in movies and tv today. There’s usually someone furiously banging away at a keyboard because the evil corporation as this one weakness that lets the good guys evade all the security everywhere. Now, don’t get me wrong, there are actually hacks like that out there (kind of), but they are by and far the minority. It’s not that only a few organizations are so important they need specialized digital weaponry, but actually because the threshold for being worthy of an attack is actually pretty low, so the vast majority of hack aren’t actually targeted, not in a real sense.
You see, when someone comes up with a new attack, they then make their system search for anyone vulnerable to it. A prime example of this would be the ProxyLogon and ProxyShell exchange attacks earlier this year. They weren’t targeted in any way other than to look for OWA login portals on the internet.
The same is true for most attacks. It’s not a question of how important you are or even how large you are. The question is “are you vulnerable to their attack?” If so, then you’re a target. Remember those Exchange attacks mentioned earlier? They never stopped. Not everyone has patched their system and there are still plenty (like, tens of thousands) of vulnerable exchange servers out there. That’s a lot of possible targets and no reason for the bad guys to stop. They just scaled it back a little.
So instead of telling yourself you’re just a small fish in a big pond, you should be asking yourself if you can become an innocent bystander, and the answer is yes, yes you can. Hopefully you’re not looking at your business like it’s unimportant or too small, because if it’s valuable to you, it’s valuable to the bad guys too.
Apropos of that, today l will leave you with a line from The Merchant of Venice, “All that glisters is not gold.”
If you have any questions about cyber security, please reach out to your TRINUS Account Manager for some stress-free IT.
By Kind, Courtesy of Your Friendly Neighbourhood Cyber-Man.