Sources: McAfee Quarterly Threats Report 2013 2013 Verizon Data Breach Investigations Report Department of Homeland Security: National Cyber security Awareness Campaign 2012 National Cyber Security Association/McAfee Online Safety Survey The Technology Policy Division of the Financial Services Roundtable, Malware Risks and Mitigation Report, www.bits.org National Cyber Security Alliance (NCSA), http://www.staysafeonline.org/business-safe-online/resources/botnet-fact-sheet Federal Communication Commission Cyber Security Planning Guide http://www.bloomberg.com/news/2011-08-04/hackers-take-1-billion-a-year-from-company-accounts-banks-won-t-indemnify.html 2012 National Cyber Security Association/VISA National Small Business Study “Ransomware” locks your screen (often with a fake law enforcement message) so you can’t use the computer again unless you pay the ransom. Typically, even if you pay, the hacker won’t release the PC. CYBER ATTACKS BY THE NUMBERS The bad software exports passwords, logs keystrokes, steals Social Security and credit card numbers, or snoops into your business plans or product ideas. Your computer can even be turned into a “bot” and be used to distribute spam and malware to your customers. 3/4 of attacks are driven by financial motives. DEVIOUS ACTIVITY 4 Once on your system, the bad software hides from outdated antivirus software and may even block your machines’ ability to update security software. Malware can change browser security settings, or disable Windows Task Manager, Windows Safe Mode, System Microsoft Security Center. Banking Trojans, malicious programs, create backdoors that allow hackers remote access to your computer and data. Cybercrooks are stealing as much as $1 billion a year from small and mid-sized bank accounts. HOW HACKERS ATTACK SETTING UP SHOP 3 Malware looks for gaps in software that hasn’t been kept up to date and silently slips past users. This occurs most often on computers with incomplete security solutions. TYPICAL SNEAKY PHISHING ATTACKS: A hacker sends a consumer an email that appears to be from a reputable company. Links in the email take you to a fake website where you’re asked to type in personal information. Phishers commandeer a reputable website and redirect customers to a replicated site that is used to steal customer information. You open a phishing email and a keystroke program is quietly loaded on your computer that allows hackers to later record your passwords or credit card numbers. 1 2 3 Attackers frequently make contact when an employee visits a bad website or clicks on a link in an email and unknowingly downloads malware. Wireless connections and thumb drives are other entry points. Hackers also make contact through “skimmers” installed inside ATMs and point-of-sale devices. Criminal websites are on the rise. From April to June of 2013 alone, the number of websites “infected” with viruses or other criminal software increased 16% to 75 million. THE 4 STAGES OF A CYBER ATTACK WHAT YOU CAN DO Tell customers what information you collect and how you use it. Only keep the sensitive data you need and delete the rest. Back up critical information. Maintain operating systems, applications and Web browsers, applying patches as soon as they become available. Toss anything that looks suspicious, including emails, tweets, posts and online ads. Allow automated updates for programs seeking to update their defenses. Use a spam Protect your smart phones, tablets and gaming systems from viruses and destructive software. Have a cyber security plan that protects sensitive information. Create Web and social media use policies for employees and make sure they follow them. RISKY ENCOUNTERS 1 BREAKING IN 2 Get the latest security software to protect your company’s Web, email and devices. Find your perfect security solution at: http://www.mcafee.com/smb HACKERS TARGET BUSINESSES MORE FREQUENTLY THAN LARGE ENTERPRISES, BELIEVING YOU HAVE LESS SECURITY IN PLACE. THEY WANT TO STEAL CUSTOMER IDENTITIES, COMMIT BANK FRAUD OR FORCE YOU TO PURCHASE FAKE ANTIVIRUS SOFTWARE. UNDERSTANDING THE WAY AN ATTACK BEHAVES WILL HELP YOU STAY SAFE FROM CYBERCRIME. ARE TARGETING SMALL AND MEDIUM-SIZED BUSINESSES HOW CYBER CRIMINALS