By Tony Pepper
I guess there can’t be many of us that haven’t heard of the term “Cybercrime” – but what actually is it? Well, there are many forms of cybercrime: online scams and fraud, identity theft, attacks on computer systems and networks, the spreading of computer viruses and malware, hacking, and distributed denial of service (DDoS) attacks, to name the most common. Therefore, one definition of a cyber-dependent crime would be: offenses that can only be committed using a computer, computer networks or other forms of information communications technology.
Should We Be Worried?
So, should Small Businesses be concerned about these threats? Well, the short answer is: Yes. Protecting your company and yourself from cybercrime is most definitely worth considering. You should therefore assess the risk and then deploy a defense or defense strategy to mitigate that threat.
In this article, I’m going to look at just one group of threats: those posed when using email and/or online file exchange. I’ve chosen this topic because almost all small businesses will be exposed to these threats, since almost all of us use email many times a day and online file exchange is fast becoming equally ubiquitous.
Threats of these types can be both inbound and outbound:
Inbound email threats include emails containing computer viruses or malware, phishing attempts and email spoofing. I’ll briefly explain each of these terms for those who are less aware of IT Security.
- Computer virus – A program written to perform some unknown action on a host computer that the user will not have requested; the action may be benign or malicious. The program is triggered by the user starting a legitimate program, opening an email or even in some cases visiting an infected website.
- Malware – A program written exclusively to perform some malicious action. Unlike a virus, malware can be written just to attack your computer or network (you might be the only recipient of this program) and as such these programs can be extremely difficult to detect until it is too late.
- Phishing – An illegal attempt to acquire sensitive information from you – such as your username, passwords or even credit card details – for malicious ends.
- Email spoofing – The sending of emails with a forged sender address in an effort to get the recipient to accept the email as bona fide.
Outbound threats revolve around the leaking of sensitive information or the stealing of intellectual property (IP). These are classed as “insider threats” and as such may go unnoticed.
Danger File Exchange
Many of us today share files online, quite often by using online file sharing services (these have become necessary since many files exceed the size permitted as an email attachment). The outbound threat here is who else has access to these files whilst they are stored in the cloud? Could they be read, modified or even deleted? Inbound, the threats include what the file contains, whether it has really come from someone you know and if it has been modified en route.
The first step to your defense strategy should be to carry out a risk assessment and then develop a policy to counter it. This will almost certainly include deploying an anti-virus scanner to intercept all email, both inbound and, yes, also outbound (you don’t want to unwittingly be sending viruses to your contacts). This will reduce the risk of virus infection and can be used to check files sent or received – but what about the other threats we have identified?
Well, the policy should also educate users not to open email or accept files from contacts that they don’t recognize; this will further reduce the risk of malware and phishing scams. However, in the case of email, we have already learnt that it may be a spoof that appears to come from someone we know. Therefore we can conclude that good policy alone is not enough.
The next step you should consider will effectively reduce the risk of the remaining threats to almost nil: make use of encryption. Once the tool of spies and the military, encryption is the art of encoding the message or file so that only authorized people can read it. I’m not going to explain in depth how this is achieved here, but there are some basics that you need to know so that you can understand how this helps us defeat the remaining threats. Before I go any further, however, I just want you to think of encryption as a “strong box” that we can place your message or information into for safekeeping.
For encryption to work, it requires a pair of keys. One key is used to lock the message or file in the “strong box” and the other is used by the authorized recipient to unlock that “strong box” to retrieve the message or file.
In an effort to keep this article relatively short, let’s forget about how both sender and recipient get the necessary keys. The fact is that it can be achieved simply – and by doing so, we now know that only messages and files that require the necessary key to access them are legitimate (all other messages or files could be bogus!). The fact that the message or file has been locked away inside the “strong box” ensures that it has not been modified or read by anyone. If it can be arranged so that this encryption takes place for all outgoing email and file exchanges to your authorized recipients, only then have you gone some considerable way to halt the leak of sensitive information or IP. Audit these emails and file exchanges, and then you know who did what where and when. All other files or emails received in clear text (without the “strong box”) can be marked for special attention and treated with caution.
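The triage rule described above (encrypted mail is delivered, anything arriving in clear text is marked for special attention and logged) can be sketched as follows. This is an added example, not code from the article or from any product it mentions; the function names and sample messages are constructed, and it inspects only the MIME type a message declares for S/MIME and PGP/MIME.

```python
from email import message_from_string

ENCRYPTED_SMIME = {"enveloped-data", "authenveloped-data"}

def classify(raw: str) -> str:
    """Return 'encrypted', 'signed-only' or 'cleartext' from the declared MIME type.
    The declared type is only a routing hint: successful decryption with the
    recipient's key is what actually confirms the "strong box"."""
    msg = message_from_string(raw)
    ctype = msg.get_content_type()  # always lower-case
    smime = str(msg.get_param("smime-type", "")).lower()
    if ctype == "multipart/encrypted":  # PGP/MIME container (RFC 3156)
        return "encrypted"
    if ctype in ("application/pkcs7-mime", "application/x-pkcs7-mime"):
        if smime in ENCRYPTED_SMIME:  # S/MIME encrypted body
            return "encrypted"
        if smime == "signed-data":
            return "signed-only"
    if ctype == "multipart/signed":  # detached signature, body still readable
        return "signed-only"
    return "cleartext"

def triage(raw_messages):
    """Build one audit record per message: (sender, subject, verdict, action)."""
    report = []
    for raw in raw_messages:
        msg = message_from_string(raw)
        verdict = classify(raw)
        # Policy from the article: anything not encrypted gets special attention.
        action = "deliver" if verdict == "encrypted" else "flag-for-review"
        report.append((msg.get("From", ""), msg.get("Subject", ""), verdict, action))
    return report

# Constructed sample messages (bodies are placeholders, not real ciphertext).
SAMPLES = [
    "From: partner@example.com\nSubject: Contract\n"
    "Content-Type: application/pkcs7-mime; smime-type=enveloped-data\n\n(ciphertext)\n",
    "From: partner@example.com\nSubject: Invoice\n"
    'Content-Type: multipart/encrypted; protocol="application/pgp-encrypted"; boundary="b"\n\n'
    "--b\nContent-Type: application/pgp-encrypted\n\nVersion: 1\n"
    "--b\nContent-Type: application/octet-stream\n\n(ciphertext)\n--b--\n",
    "From: partner@example.com\nSubject: Urgent payment\n"
    "Content-Type: text/plain\n\nPlease wire the funds today.\n",
    "From: partner@example.com\nSubject: Notes\n"
    'Content-Type: multipart/signed; protocol="application/pkcs7-signature"; boundary="s"\n\n'
    "--s\nContent-Type: text/plain\n\nhello\n--s--\n",
]

if __name__ == "__main__":
    for row in triage(SAMPLES):
        print(row)
```

All four sample messages show the same sender address, yet only the two encrypted ones are delivered without review.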
It Can’t Be Done
I can already hear the chorus of “it can’t be done” coming from you! Well, I might once have agreed with you, but today this is a real possibility. In fact, many companies are already doing all of these things. There are tools out there that manage all of this for you. They create the “key pairs” you are going to need, they make it possible for your recipients to be able to use this secure method of information exchange without having to own the tool you used (or anything like it), and they can integrate with anti-virus products so that the whole process is seamless and uncomplicated.
You Can Take Back Control
So if you are concerned about narrowing the gap in your defenses where email and file exchange is concerned, there is an answer out there. If you worry about information leakage or your IP being stolen, there is an answer out there. Isn’t it time you at least considered taking back control and thereby protecting your company, your investment and your livelihood?
• • •
Tony Pepper is the CEO of Egress, the encryption software company that specializes in secure communication solutions, including secure email and large file transfer.