WORK / LIFE : SECURITY
While large enterprises were once the primary targets of such attacks — including one that robbed
Google and Facebook of $ 100 million between 2013 and 2015 , and another that cost
Sony Pictures roughly the same amount in 2014 — hackers have discovered that they can often penetrate an SMB ’ s network more easily . Using a DDoS or other type of attack , they can then prevent that business from operating until a ransom is paid .
“ A few years ago , SMBs were not as targeted , just because the getting was pretty good from big companies ,” A
explains Matthew Gardiner , principal security strategist for the cloud-based security provider
Mimecast . “ As security got better at big companies , attack patterns shifted to small and medium-size businesses .”
According to Gardiner , the primary avenue of attack against SMBs is in the form of malicious emails that often contain harmful links or attachments . While some of these emails are generic , poorly written , and easy to spot , others leverage real information to mimic trusted senders requesting sensitive data .
“ They ’ ll use LinkedIn to find someone in human resources at a company and someone [ else who works ] at that company — a few months ago they ’ d make sure they ’ re at different offices , but of course now most people are at home — and they ’ ll send an email simulating that it ’ s from the employee to the HR person , saying , ‘ Change my direct deposit address ,’ ” says Gardiner .
According to a recent
study by Mimecast , impersonation attacks grew by 24 % between January and June . The study , which analyzed more than 195 billion emails , found that these attacks typically use subject lines containing words like “ invoice ,” “ order ,” “ PO ,” or the names of well-known courier or shipping companies .
“ Some of these can look very convincing because they can , in an automated fashion , pull graphics off your website , so the email that comes through might have your company logo on it and look superficially quite legitimate ,” explains Ian Pratt , HP ’ s Global Head of Security .
Pratt adds that such attacks appear to be getting more sophisticated — and more successful — in part because victims don ’ t have access to the same resources as they would in a traditional office .
“ I suspect part of it is that users aren ’ t in an office situation where they can ask a colleague whether it looks legitimate or not — they ’ re working on their own at home , unable to query things ,” he says .
PREVENTING CYBERATTACKS IN A REMOTE WORKPLACE The new work-from-home environment not only makes it more difficult for companies to respond to suspicious activities , it also expands the attack surface into the home .
Internet of Things ( IoT ) devices in the home — which range from smart thermostats to video doorbells to wireless printers — can provide a less-secure avenue for hackers seeking to gain access to the home network , which is often shared with workplace laptops , explains Shivaun Albright , HP ’ s Chief Technologist of Printing Security .
“ Unfortunately , IoT devices commonly found in the home are not as secure because they are often missing key security features such as firmware updates ,” she says . For example , it ’ s common for IoT devices to be shipped with a well-known default password that ’ s an easy target for hackers , especially since many people don ’ t
“ S SECURITY G0T BETT3R AT
A BIG C0MPANIES , ATT CK
PATT3RNS SHI TED T0 SMALL A D MEDIUM-SIZ3 BUSI ESSES .”
— MATTHEW GARDINER , PRINCIPAL SECURITY STRATEGIST , MIMECAST
F bother to change it once the device is installed . And as soon as a single employee ’ s laptop is compromised , the corporate network can be at risk , threatening the entire business .
It ’ s for these reasons that HP printers come equipped with the highest-possible security settings in place right out of the box . “ We ’ re shipping [ small-business and home printing products ] with unique passwords ,” she says .
HP printers can also proactively detect and thwart a malware attack from outbound DNS network packets on those printers equipped with the
HP Connection Inspector . Once an attack is detected , the device initiates
Sure Start , a process that returns the device to a safe and secure state .
MIXING WORK DEVICES AND HOME ENVIRONMENTS Gardiner says that there are a number of steps individuals can take to prevent phishing or impersonation attacks , and simple education on best practices from employers is key .
“ The list is fairly long on basics , but certainly includes multifactor authentication and more sophisticated and automated anti-phishing , and then behind your technical controls you need to have your people and your processes resilient to cyberattacks ,” he says . “ Just very simple things can help , like looking closely at
N N
HP / INNOVATION / FALL 2020 60