South Dakota Municipalities - July/Aug 2021

Page 17

Cyber breaches and attacks not only impact clients and consumers outside of your entity; they also impact your entity directly. First-party exposures include business interruption, including the cost of shutting down operations during the breach; data loss and destruction resulting in costs to recoup or recreate data; computer and funds transfer losses; and cyber extortion, which is the attack or threat of an attack against an enterprise coupled with a demand for money to avert or stop the attack.

There are different types of cyber-attacks, and different levels of these attacks. Phishing is usually done through the email services of a company. In a general phishing attack, a general email is sent out, casting a wide net to see if someone will open the door for the virus to be planted. Spear phishing involves some research being conducted by a hacker prior to engaging in the attack. The hacker will gather information about the intended victim’s family, and then use that information in an email to lure the recipient into engaging with the infected email. For example, a hacker who is aware that a family member is out of the country may send an email with an infected PDF attachment, claiming that the attachment includes information about how to send money to assist in necessary medical care or transportation. Once the victim opens the attachment, they unknowingly release the virus into the system. There is often a follow-up email assuring the victim that there was a mistake and that no emergency exists, all the while the virus is making its way through the victim’s system, gathering information. A third form of phishing is called whaling. In this instance, a high-level party is targeted. A hacker will obtain the credentials of the party and then access their email, usually through a web-based account. No immediate action is generally taken; however, the hacker will monitor the email correspondence, gathering information and details about the entity’s business. At the right moment, they create an invoice which is sent along, resulting in a fraudulent money transfer, which is generally difficult if not impossible to track or recover. Home buyers have reportedly been tricked into making wire transfers to a hacked escrow account.

Other types of cyber-attacks are known as malware or ransomware. Malware has been shifting and trending into ransomware. Ransomware attacks occur when a hacker encrypts an organization’s files or data, and then requires payment of ransom, often via the use of bitcoin. Bitcoin is a digital asset which is exchanged peer-to-peer, without an intermediary. Bitcoin can ultimately be exchanged for other currencies, products or other services. Once the payment of the ransom is made, the data is decrypted. Ransomware usually requires some performance or engagement by the end user. There may be a link within an email, a file to be downloaded, an attachment to open or a macro to activate. Ransomware can also be delivered through advertising. Hackers have been known to purchase advertising space and upload a legitimate ad; however, if the purchased space is not checked by the host, the ad can later be replaced with infected advertising, which when clicked releases the virus into the system.

Distributed denial of service attacks generally do not involve direct profit for the hacker. It is believed that these types of hacks are done for bragging rights. During a distributed denial of service, a hacker will take down a website of an entity, which can be detrimental to the entity, but with no real visible gain for the hacker himself.

With some very basic and general knowledge of some of the ways that our electronic systems can be attacked, the next logical step is knowing how you can protect your entity. It is important to create and keep up-to-date backups of all your information. If a ransomware attack is made, having the current information backed up makes the decryption of data less crucial. Additionally, having backup bandwidth to cover the downed system is recommended to keep operations moving. Training

