You may have seen it in the news, but another major company has been a victim of a nasty ransomware attack that disrupted services and customers for over ten days. This time, the victim was MGM Resorts in Las Vegas.
What separates this major incident from others is that the hackers pulled the malicious attack off using one of the oldest tricks in the book: social engineering. So, what happened, and what can we learn from this?
Topics: Cybersecurity, Network Security, Data Breach, Data Security, security incident handling, risk, Ransomware, social engineering
The shift to remote work challenged organizations of all sizes to increase their digital footprint and allow everyone to collaborate and work from anywhere in the world to satisfy their customers and clients. For some organizations (usually larger), this is not a problem. However, increasing a digital footprint while keeping security at the forefront can be challenging for medium-sized or smaller companies. The pandemic has fueled an increase in cybercrime, and there are no signs of it slowing down.
When the pandemic first hit, companies had to transform their businesses quickly, and with that came an increase in security vulnerabilities. It is not crazy to say that most small or medium companies think they are “too small” to be a target, but that is not true. The media likes to spotlight attacks on Fortune 500 companies and make it sound like vulnerabilities and malware are complex issues. This rhetoric makes smaller and medium-sized companies shy away from implementing cybersecurity programs and shift their focus to other business areas.
The reality is that cybercriminals are organized and can attack anyone at any given moment. If your company has any value at all, you are a target. Attackers know that going after large companies is risky and increases their chances of getting in trouble with law enforcement. Ultimately, all they want are quick and easy paydays, and smaller companies typically are an easier target to hit.
Topics: Cybersecurity