Mid-Market Businesses: The New Target of Advanced Attacks

Google, Sony and even RSA have been the targets of advanced attacks.

But just because these are large organizations that have fallen victim doesn’t mean mid-market companies should assume they’re immune.

In fact, most recent studies suggest that mid-market businesses will face these types of breaches more often than their bigger counterparts, in large part because they lack the means to hire a dedicated IT security staff.

These advanced threats work when an attacker targets an organization, creates an email with an attachment and sends it to individuals in those organizations who may have some interest in the attachment subject. These attachments are loaded with exploit code and, when the user opens the file, the code is executed. Once the Trojan is installed, it contacts a remote site where the attacker then directly seizes control of the compromised computer. With just a few commands, the attacker breaches the organization and collects valuable and proprietary information.

But there are some ways an IT staff can identify suspicious activity and know when to call on data security experts:

  • Suspicious Emails: Monitoring your company’s email for suspicious activity and downloads can help detect advanced attacks in one of their earliest stages.
  • Employee Training: Training your employees on what to recognize while monitoring normal behavior and unexpected changes can lessen the threat of these attacks.
  • A Data Breach Threat Analysis (DBTA): Sword & Shield’s DBTA can assist companies in determining if they are a victim by gathering, correlating and analyzing information from critical points on the network.
  • Threat Response and Remediation: Our experts can contain and respond to these attacks. Proper analysis is required to determine the details of the breach and assist in implementing technology and training to reduce the opportunity of the attack reoccurring.

If you think you are experiencing an advanced attack, you should determine how to close down the attack while preserving forensic evidence. Post-event analysis is essential to ensure your companies employees learn from the events, including how the attack was introduced, as well as strengthening your controls, both technological and procedural, to prevent a recurrence.

We help you plan for security incidents before they happen and we provide the help and expertise you need when they do occur. Call us at 865-244-3500, email us at secureme@swordshield.com or fill out an consultation request to see how we can help.

Comments are closed.