Hacking Small Companies to Attack Their Clients
Hackers have begun targeting small businesses with links to larger organizations.
As large organizations improve their security, cybercriminals continue expanding their reach (like here).
Now, they are targeting smaller victims with links to larger organizations, either as clients, vendors or partners.
Increasingly savvy cybercriminals are hitting lesser-known targets harder, especially those closely linked with big, influential companies.
In fact, more than half of cyber attacks hit smaller and medium-sized organizations.
More than 60% of the ransomware attacks that insurer Beazley PLC documented in 2019 targeted small and medium-size businesses.
As you might have guessed, smaller organizations are often more budget constrained. This can lead to debilitating outcomes for the smaller target and its larger customers.
Some attacks shut down operations for hundreds of the targets’ customers.
Epiq Systems is one such example. The company serves large clients in high-profile and sensitive legal matters. After a recent Ransomware attack on their systems, customer data was held hostage and operations were stopped. Attacks in the legal industry are nothing new (like here and here)
Some examples from the Epiq attack:
Epiq’s systems outage halted the processing of restitution claims related to puncture-prone air bags.
A March 3 trial deadline was missed in litigation between biotechnology companies because Epiq’s outage made discovery documents unavailable.
German lender Deutsche Bank AG and outside lawyers warned Congressional investigators of possible delays in producing bank records requested as part of a money-laundering probe.
In Pennsylvania, bankruptcy proceedings for the Catholic Diocese of Harrisburg were just getting started, with Epiq on board as claims agent.
Adding insult to injury with Epiq's network down and data encrypted, competitors "swooped in trying to poach clients."
Regardless of size, it's time to protect your team and your assets from these attacks.