If you spend more than 10 or 15 minutes reading about the latest trends in cybersecurity, you will probably need to remind yourself that you’re not reading the plot for the next James Bond film. You’ll read about cybercriminals encrypting government computers and demanding Bitcoin as ransom. You’ll read about botnets that attack websites and cripple businesses, foreign governments that meddle in elections, and con men that use social engineering to obtain sensitive information.
Today’s security landscape can seem as terrifying as the movies. But dealers shouldn’t be frightened. They should be educated, so that they can protect themselves. Let’s take a moment to explore some of today’s biggest threats to your dealership and your customers.
People are still the biggest problem
When most folks think about security, they think about how they can prevent someone on the outside from getting in. But in reality, your biggest problem isn’t on the outside — your biggest security concerns are sitting right inside your offices. They are your employees and they are your contractors. According to the Ponemon Institute, incidents including employee or contractor negligence is up roughly 20%.
Most of the time, your employees aren’t trying to be a security threat. After all, they’re humans, humans make plenty of mistakes, and there isn’t much you can do to wipe out employee negligence completely. All you can do is make it very difficult for employees to create an accident that can lead to a breach (or stop ill-intended employees from intentionally stealing data). For one, dealers should leverage user rights management features in their ERP systems to restrict employees (or cybercriminals who have stolen that employee’s credentials) from accessing sensitive information or other areas of the network that isn’t necessary to their job. In addition, dealers need to implement a BYOD policy and force employees to use strong end-point security solutions on their personal devices or consider banning the usage of non-company equipment outright.
IoT devices are a disruptive force in almost any industry you can think of. They’re also notoriously insecure, leaving many vulnerable to an attack. Many devices have insecure cloud, web, and mobile interfaces, insufficient authentication features, and don’t encrypt outgoing data — just to name a few of the major problems that we’ve known about for quite some time. Even so, security for IoT devices are often ignored. According to Gartner, nearly 20% of organizations said that they observed at least one IoT-based attack in the past three years.
Looking to the future, it appears the problem is going to get worse. According to the Internet Survey Forum’s (ISF) report, Threat Horizon 2019: DIsruption. Distortion. Deterioration, there will be 212 billion IoT devices in the wild by 2020. It’s up to dealers to make sure that they’re monitoring their network of IoT devices, scanning for vulnerabilities and patching firmware as updates are made available.
Ransomware — also known as cryptoware, cryptoworms or cryptotrojans — encrypts all the files on your computer, holding it hostage until you pay a ransom for the decryption key. Like traditional malware, it’s spread through email attachments, infected programs or a compromised website. It is typical that cybercriminals demand the ransom be paid in cryptocurrency (usually bitcoin) and for the ransom to increase over time until eventually the files are deleted forever. Ransomware revenues can be quite lucrative for cybercriminals. The ISF said that cybercriminals raked in an estimated $1 billion in ransoms during 2016 alone.
The concept of ransomware isn’t anything new. Cybercriminals have been holding the data on personal computers hostage for nearly a decade. But recently, cybercriminals switched their focus onto businesses, hospitals, and even governments. In the Internet Security Threat Report, Symantec said that 81% of all ransomware attacks in the last year targeted enterprises, with service providers being targeted 38% of the time. A third of all attacks targeted mobile devices.
The ISF predicts that cybercriminals will start to point their ransomware attacks toward IoT devices as well. And when you think about it from the perspective of a cybercriminal, it makes a lot of sense. Attacking IoT devices provides cybercriminals with new and more valuable revenue streams plus a larger attack surface for installing and spreading ransomware. But perhaps the most attractive facet of IoT ransomware attacks is that victims can’t get around paying ransoms by restoring their system from backups. Once the device is under the control of hackers, businesses don’t have an option but to pay the ransom. And you can be certain that the more important the device is to your business process (or to the health and safety of your customers), the higher the ransom.
There isn’t any special software that specifically protects from ransomware attacks, but there are a number of precautions you should have in place that can limit the threat and target the various vectors of attack. Since email has been the preferred attack vector for infecting businesses, you should look into email monitoring solutions to prevent infections. In addition, your IT department needs to regularly back up all your data, so if you do fall victim to an attack, you can restore your system to a time when your files weren’t held hostage. Beyond that, you should install and regularly update antivirus software and train employees to be more vigilant. Make sure they understand that they shouldn’t click on suspicious links or download strange attachments in emails, visit unknown websites, or install software from untrusted sources. Employees should avoid using public networks, like those provided at Starbucks or the airport.
The next James Bond movie isn’t going to be about how cybercriminals held an entire fleet of IoT devices for ransom, or how a clever phishing email tricked a trusted coworker into leaking your customer’s private data. But such a scenario doesn’t have to play out in real life, either. Digital transformation has completely changed the way you do business, so it only makes sense that it changes the way you secure your business, too. Dealers need to act on security, and fast. Partnering with world-class vendors that make security a priority and invest in advanced technology will give dealers the support they need from experts in order to create and enforce smart security policies, monitor and manage their networks, and train employees to be more vigilant.
Mark Murphy is Director Security Services, All Covered – the IT Services Division of Konica Minolta. He has spent the past 12 years within the IT security field. Mark was a founding member of VioPoint, Inc. and served as VioPoint’s COO, CEO, and eventually sole owner. In February 2018, VioPoint was acquired by All Covered, a division of Konica Minolta Business Solutions, U.S.A., Inc.