Remember to update or patch your operating system, avoid clicking on links from suspicious email messages, and never download and run executable files from websites of dubious origins. Tips such as these are often cited as a means for businesses to reduce their chances of being targeted by outside hackers.
However, external threats make up only one aspect of the security issues that SMBs face. Today, I highlight some dangers that can result from insider threats, which, given their insidious nature, can be even more dangerous than a website hack or compromised PC.
Snooping on Emails
The common assumption is that access to emails is protected by a username and password. The situation changes dramatically, though, should an administrator with access to the email server decide to rifle through a company’s correspondence. Moreover, many email clients are configured not to use encryption by default, which leaves passwords susceptible to discovery with network sniffer tools.
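A defender's check for the cleartext-login risk described above, as an added example that is not part of the original post: it scans a mail client's protocol debug log and reports credential commands sent before TLS was negotiated. The `C:`/`S:` log format, the function name `audit_session` and the sample sessions are assumptions constructed for illustration.

```python
import re

# Client commands that put a reusable password on the wire (SMTP, IMAP, POP3).
CRED_CMD = re.compile(
    r"^(?:\S+ )??((?:AUTH|AUTHENTICATE) (?:PLAIN|LOGIN)|LOGIN|USER|PASS)(?: |$)", re.I)
# TLS upgrade request: SMTP/IMAP STARTTLS (IMAP carries a tag), POP3 STLS.
STARTTLS = re.compile(r"^(?:\S+ )?(?:STARTTLS|STLS)$", re.I)
# Server replies that accept the upgrade: SMTP 220, POP3 +OK, IMAP "<tag> OK".
TLS_OK = re.compile(r"^(?:220|\+OK|\S+ OK)\b")

def audit_session(log_lines, implicit_tls=False):
    """Return (line_no, command) for each credential command sent without TLS.

    Set implicit_tls=True for sessions that are wrapped in TLS from the first
    byte (for example SMTPS, IMAPS or POP3S ports). Only the command keyword
    is recorded, never the credential itself.
    """
    tls, pending, findings = implicit_tls, False, []
    for n, raw in enumerate(log_lines, 1):
        side, _, text = raw.strip().partition(": ")
        if side == "C":
            m = CRED_CMD.match(text)
            if STARTTLS.match(text):
                pending = True              # wait for the server's verdict
            elif m and not tls:
                findings.append((n, m.group(1).upper()))
        elif side == "S" and pending:
            tls = bool(TLS_OK.match(text))  # a refused upgrade leaves the link in cleartext
            pending = False
    return findings

# Constructed sample sessions (not real captures).
SMTP_REFUSED = [
    "S: 220 mail.example.test ESMTP",
    "C: EHLO client.example.test",
    "S: 250 mail.example.test",
    "C: STARTTLS",
    "S: 454 TLS not available",
    "C: AUTH PLAIN <redacted>",
]
POP3_PLAIN = ["S: +OK ready", "C: USER alice", "S: +OK", "C: PASS <redacted>"]
IMAP_UPGRADED = ["S: * OK ready", "C: a1 STARTTLS", "S: a1 OK begin TLS",
                 "C: a2 LOGIN alice <redacted>"]

if __name__ == "__main__":
    for name, log in [("smtp", SMTP_REFUSED), ("pop3", POP3_PLAIN), ("imap", IMAP_UPGRADED)]:
        print(name, audit_session(log))
```

The SMTP sample shows the case that is easy to miss: the client asked for TLS, the server refused, and the client logged in anyway.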
Remote Administrative Tool
As the name suggests, remote administrative tools (RATs) were originally created to help IT departments resolve computer-related issues without having to make an onsite visit. This is a huge timesaver for larger organizations, SMBs located on a large compound, or businesses with remote offices that may not have an IT staffer.
For all its perfectly legal users, the abuse of RAT software means that it is associated with criminal activities these days. Typically installed without a victim’s knowledge, such software can be used to spy by giving its remote operators access to local documents and files, or even to capture screenshots or access any attached webcams. Indeed, Ars Technica earlier this week ran a feature about a disturbing subculture of men who make use of RATs to spy on female users.
Logic Bombs
A disgruntled developer who decides to harm an SMB will likely find it trivial to do so. This is because smaller non-IT businesses are unlikely to make use of source code control tools for maintaining their in-house applications. As such, the disgruntled employee could introduce deliberate mistakes in the source code that may not be immediately evident, or even plant logic bombs that grind the system to a halt many months down the road – after leaving for another job.
Difficult as it is to defend against the threats highlighted above, SMBs are not completely helpless, either. In my next post, I will highlight some practices that should offer some protection against insider dangers.