It seems that small to midsize businesses (SMBs) around the world should begin beefing up their cybersecurity initiatives. Cybertinel, an Israeli security company, has verified the enigmatic Harkonnen Trojan on the network of one of its German clients in August, where attackers had taken full advantage of the often lax or lacking amount of network security in place in many SMBs.
According to TechWorld, around 300 SMBs in Europe may have been used as “fronts” for stealing data for as long as a decade. TechWorld’s John E. Dunn reported:
From the details released to the press, this looks like a rare example of a professional hacking-for-hire attack of long standing that possibly also targeted firms beyond the known target list, including in the UK.
Countries listed in the cyberattack included Germany, Austria and Switzerland; however, faux company fronts were set up in the UK to register SSL certificates and domains, which were used to collect the hijacked data. In a statement to TechWorld, Jonathan Gad from Elite Cyber Solutions explained:
“The network exploited the UK’s relatively tolerant requirements for purchasing SSL security certificates, and established British front companies so they could emulate legitimate web services. The… attackers behind the network then had total control over the targeted computers and were able to carry out their espionage undisturbed for many years.”
Although the Trojans appear to have been made in Germany, IT security professionals have not yet discovered where exactly the attack originated. They did say, though, that in June of 2013, the original malware attack occurred via a phishing scam.
Cybertinel staff have discovered the entirety of the illicit network, but are still putting a cost to the amount of data and damage that the affected SMBs have incurred.
Although this attack was discovered in Europe, it still highlights the need for all SMBs to take IT security seriously. One small phishing scam placed malware on one machine and it has now affected hundreds of small companies. One of those companies could be yours. Could you afford the damage to your network or worse, your company’s reputation, after such an attack?
Kim Mays has been editing and writing about IT since 1999. She currently tackles the topics of small to midsize business technology and introducing new tools for IT. Follow Kim on Google+ at google.com/+KimberlyMays6 or Twitter @blumoonky