Everyone has probably heard of the annoying “ransomware” floating about: malware designed to hold computers and sensitive data hostage in exchange for a “fee” that seems to increase ever more as it is paid. There appears to be a trend of late, within the burgeoning cyber security field, of so-called “experts” and solution providers crossing the thin line between White Hat and Black Hat (good and bad hacker) to actually break into systems or steal data and then sell a solution to the desperate business owner whose website has been hacked or hijacked. Either that, or some companies are inflating or outright fabricating a data breach by “finding” your private records in the nefarious underworld of the Internet.
This has been in the news, with even some large companies being accused of this practice, and lately with small and medium businesses reporting their belief that they have been victims of this “cyber solution” extortion.
So, what are we seeing? Let’s use a couple of hypothetical companies. Business “A” sells widgets online through its self-hosted content management or e-commerce system. Patching this years-old system is secondary to operating the business, so staying on top of every security update is not only difficult, but often impossible without a certain level of technical expertise at its disposal.
One day, Business “A” gets an email, out of the blue, from a company we’ll call the “cyber provider,” maybe from overseas. The provider “just so happens” to have noticed that the site was exploited through an obscure vulnerability to serve up pharmacy ads, and says it found this through a chance manual search. It also “just so happens” that this email comes within a day, maybe two, of this obscure vulnerability being exploited, as a check of the backup record reveals. The “cyber provider” then offers to fix the site “immediately,” just happening to know exactly which exploit was used against a company website an ocean or so away. Incredible coincidence? Maybe. Probably not.
This scenario is akin to returning to your car in a large shopping center parking lot and seeing a row of vehicles with smashed taillights and, just coincidentally, a flyer on each window from a company specializing in “quick, easy taillight repair.” Just good timing? Maybe. Probably not.
People and companies are looking to take advantage of the increasing prominence of cyber threats by serving up their own brand of fear. The lesson is this:
- use proactive security measures, especially if you do business online, by using Web Application Firewalls or hiring a reputable managed security service provider to ensure your site is protected from potential threats while being fully compliant; and
- do business with companies you personally trust – ask for references, request independent verification of reported issues, and ensure you get honest answers without a self-serving sales pitch.
Has your website been hacked or have you been the victim of a similar scheme from a purported cyber security company? If so, let us know immediately so we can improve our threat database and give you a no-strings-attached evaluation of your security situation.