VIEWS: 10 PAGES: 6 CATEGORY: Computers POSTED ON: 7/14/2010
"It doesn't matter if we're small," he says. "It doesn't make us less of a target. If someone is trying to spread a botnet, they don't care if you're small or not, they just want to get in."
SIZE DOESN’T MATTER Finding more resistance than ever from large businesses, hackers are customizing their malware ploys for SMBs, reports Dan Kaplan. David Naylor, IT security coordinator, Texas Trust Credit Union E T wo years ago, the vice president of human relations at Texas Trust Credit Union (TTCU), a 60,000-member business in the Dallas area, received an unexpected email from a law ﬁrm. Attached was a complaint letter. Sensing something may have been amiss and having been trained to be on the lookout for questionable messages, the employee right-clicked on the attach- ment, where he was able to determine that the document was no complaint let- ter at all – it actually was a malware-laden ZIP ﬁle disguised to look like a PDF. “What the scary part of it was, our anti-virus software didn’t detect any- thing malicious about the threat,” says David Naylor, 29, TTCU’s IT security coordinator. “And our email ﬁlter at the time didn’t have any concept of how to handle it.” Nobody else at the company received the phishing email, prompting Naylor to determine that the HR director was singled out because of his role in dealing with conﬁdential data. “That could have been very nasty,” he says. “We would’ve had a piece of software logging keystrokes. You can imagine all of the sensitive information a person in that position might type in on a daily basis, and who knows where that could’ve been sent to.” Little did Naylor realize at the time, but the near-breach was just a precursor to the full-on assault of sophisticated and often undetectable attacks now threatening – seemingly at random – some of the 25 million small and mid- sized businesses (SMBs) nationwide. More than two years removed from the incident at TTCU, the SMB space has become a bonaﬁde gold mine for the web’s most unsavory inhabitants. Monster breaches, such as at Heart- land Payment Systems, may have dominated the headlines over the last Photo by Kim Kolanowski 12 months, but if 2009 is to be remem- bered for anything, perhaps it should be recalled as the year when skilled cybercriminals began ﬂeecing the little SMBs guy of tens of thousands of dollars at a time. The most alarming part? Most of SMBs...are more the victims do not even realize
Pages to are hidden for
"SIZE DOESN'T MATTER"Please download to view full document