RONNIE L. WILLIAMS
Despite increased awareness of cybercrime, cyber-attacks continue to plague companies from Memphis to Brussels to Subic Bay.
Cyber attacks are typically defined as criminal activities that are conducted by means of the Internet. With more and more companies relying on the Internet to do business, the frequency of cybercrime is certain to increase. These technology-based attacks can include stealing an organization’s intellectual property, gaining access to online bank accounts, creating and distributing viruses, and posting confidential business information on the Internet.
A recent survey by PricewaterhouseCoopers found that 38 percent of the financial service firms surveyed have been hit by cybercrime of one sort or another. Although the financial service industry may experience a higher rate of cybercrime due to the nature of their business, cybercrime is a real threat to other industries as well.
The financial impact of cybercrimes can be devastating and the reputational damage may be ruinous for a company. The most costly cybercrimes are those caused by malicious code, denial of service, stolen devices and Web-based attacks. Malicious code and denial of service are typically the most common of the reported cyber attacks and include viruses, worms and Trojan horses.
Cyber crooks are utilizing more and more elaborate schemes in order to swindle businesses out of money, time and resources. Last year, the Department of Justice and the FBI announced the indictment of two individuals from Latvia and the seizure of more than 40 computers, servers and bank accounts as part of Operation Trident Tribunal, an ongoing, coordinated enforcement action targeting international cybercrime. This particular operation took down a cybercrime ring that caused more than $74 million in total losses to 1 million computer users. The size and extent of this cybercrime ring demonstrates the reach of the criminals and the financial impact their activities can generate.
Mitigation of cyber attacks can be a harrowing task. The cyber crooks are always thinking of new schemes that provide unauthorized access to valuable information. The Nigerian prince that only needs your checking account number to make you rich may not be sending you emails anymore, but you may receive an email from a logistics company referencing a package that is waiting for you. Once you open the email, a Trojan horse is placed on your machine that monitors the online transactions performed via the infected computer as well as the passwords and usernames for different services and credit card accounts. This attack can lead to empty bank accounts as well as a huge headache.
Protection against cyber attacks can include anti-virus software, anti-spyware software and a properly configured firewall. Policies and procedures that deal with access to sensitive data as well as access to certain hardware can make everyone at an organization part of the safeguarding process. As the cyber attacks increase in frequency and sophistication, the efforts to stop the attacks will have to evolve and adapt to meet the challenge. Having a cyber risk-aware culture at your company could be the difference between being a rich prince or being a ruined pauper.
Ronnie L. Williams is the director of finance for HealthChoice LLC.