The global security firm RSA, a major provider of data encryption and identity assurance, announced back in March that it had been hacked. As disturbing as the initial revelation was, there is now even more bad news: The cyber attack that compromised RSA also targeted more than 700 other companies, including nearly 20% of all Fortune 100 firms!
A full list of the businesses which fell victim to the attack have been given to Congress, and have also been published by security expert Brian Krebs in a blog post on his web site. Some of the companies named include Charles Schwabb, eBay, Wachovia, and Wells Fargo.
Even tech titans like Cisco, Facebook, Google, IBM, and Intel fell prey. So did the military contractor Northrop Grumman, as well as government entities including the IRS and Freddie Mac.
Are you nervous yet? Obviously, it is disconcerting to learn that even giant corporations, which spend millions on security, can’t fortify their networks against raids on sensitive data. But it is important to note that in this particular instance, experts believe that the attacks were conducted by a nation-state, and that many of the networks used in the attacks are in China. Still, the US has not yet formally accused any country of wrongdoing.
OK, so your company probably isn’t on the radar of any group sophisticated enough to wage an international cyber war. But this developing story demonstrates how dangerous data breaches can be, and how difficult they are to prevent. And since the chances are very high that your network security is nowhere nearly as robust as Google’s, it’s worth pausing to reflect on your exposure to cyber risks.
According to one industry expert, 40% of all cyber crimes are committed against small businesses. Furthermore, FCC Chairman Julius Genachowski told an audience of business leaders last summer that the average cost of cyber attack against a small-to-medium sized business is a whopping $200,000! With number like that, it’s easy to see how vulnerable an unprotected firm can be.
Your company has valuable data, and there are criminals out there who want it. So, what are you doing to protect your company from cyber threats?