You've successfully subscribed to INFIMA Security
Great! Next, complete checkout for full access to INFIMA Security
Welcome back! You've successfully signed in.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info is updated.
Billing info update failed.

Hacking Small Companies to Attack Their Clients

Hackers have begun targeting small businesses with links to larger organizations.

Hackers start small. Then go big.

As large organizations improve their security, cybercriminals continue expanding their reach (like here).

Now, they are targeting smaller victims with links to larger organizations, either as clients, vendors or partners.

Increasingly savvy cybercriminals are hitting lesser-known targets harder, especially those closely linked with big, influential companies.

In fact, more than half of cyber attacks hit smaller and medium-sized organizations.

More than 60% of the ransomware attacks that insurer Beazley PLC documented in 2019 targeted small and medium-size businesses.

As you might have guessed, smaller organizations are often more budget constrained. This can lead to debilitating outcomes for the smaller target and its larger customers.

Some attacks shut down operations for hundreds of the targets’ customers.

Epiq Systems is one such example. The company serves large clients in high-profile and sensitive legal matters. After a recent Ransomware attack on their systems, customer data was held hostage and operations were stopped. Attacks in the legal industry are nothing new (like here and here)

Some examples from the Epiq attack:

Epiq’s systems outage halted the processing of restitution claims related to puncture-prone air bags.

A March 3 trial deadline was missed in litigation between biotechnology companies because Epiq’s outage made discovery documents unavailable.

German lender Deutsche Bank AG and outside lawyers warned Congressional investigators of possible delays in producing bank records requested as part of a money-laundering probe.

In Pennsylvania, bankruptcy proceedings for the Catholic Diocese of Harrisburg were just getting started, with Epiq on board as claims agent.

Adding insult to injury with Epiq's network down and data encrypted, competitors "swooped in trying to poach clients."

Regardless of size, it's time to protect your team and your assets from these attacks.

Are you ready to take action?
You already have a lot on your plate, so we make it easy. Find out how to protect your team with INFIMA's Automated Security Awareness platform.

To get a quote, set up a call with our (non-pushy) team here!

Original article here.

Joel Cahill

Cybersecurity enthusiast. Entrepreneur.