Within the past 60 days, the print, promo, and apparel industries have seen a drastic increase in the number of successful cyberattacks against some of the most prominent names in the industry. On November 7th, Essent, one of the most relied-on ERP platforms serving the promo and apparel industry, encountered a ransomware attack that shut down ordering for users of their system.
“While these attacks have been somewhat limited to a few organizations within the industry, it’s very possible more attacks could be on the way,” said Andrew Alford, President of Liftoff Ecommerce. “The next round may come in the form of more targeted attempts, where the attacker utilizes information they may have garnered about other businesses in the industry through this initial offensive,” he added. “I advise every business in our segment to be on high alert; the next wave may possibly include smaller businesses that have limited or weak security infrastructure and processes in place.” Alford concludes, “It is important for every business, no matter the size, to provide regular training to their employees regarding security best practices.”
Alford’s advice focuses on strengthening awareness about cybersecurity and ensuring employees know what to look for in an effort to prevent attacks such as these. “Your computer operators are your first line of defense against an attack and are typically the largest and easiest targets for a would-be attacker,” Alford said. “It only takes one errant email to light the fuse; if a user with the right permission set is compromised, your network could be under siege within minutes. Attackers make a conscious effort to learn as much as they can about your business, especially those that deal with financial information. With this information, they are able to make more precise and targeted hits against their prey.”
While most companies employ malware protection, it doesn’t guard against social engineering and general phishing attempts, which are two of the most prominent ways attacks are carried out. Platforms such as KnowBe4 focus on training employees on security best practices and provide awareness of the ways attackers try to infiltrate your business. “Your defenses are only as strong as your weakest point of entry, and awareness ultimately allows you to create a human firewall that strengthens your defense against such attacks,” says Alford.
With cyber threats on the rise, below are some steps you can take as a business to harden your security posture:
Make security training a frequent and mandatory task. The more your employees know, the stronger your first line of defense will be.
Ensure that all workstations, servers, and devices implement malware protection that is updated frequently.
Confirm that your workstations and servers receive continual software updates – not just for your operating systems, but your browsers and other software packages too.
Participate in penetration testing. While this doesn’t address social engineering, it helps confirm that your network infrastructure isn’t vulnerable to outside attacks.
Ensure you have reliable backups, and test them frequently. In the event of an attack, you may be forced to restore your infrastructure from backup. The more complete and recent your backups are, the faster you’ll be able to recover.
Develop a recovery plan. If you think you’re too small for a disaster recovery plan, think again. If something does happen, you may need a documented process that helps you bring your business back online.
Design an incident response plan that details how to respond in the event of a cyber attack. Distribute this plan to all employees and perform regular drills to ensure everyone is aware and able to follow protocol.
Communicate with your employees about the shared responsibility of security; it’s not a matter of if you’ll be attacked, but when.
Advise your accounting teams to always be wary of payment change requests. Attackers will often convince a finance team they are a vendor and will provide fake ACH payment details. Once this money leaves your account, it may be impossible to recover it.
Implement 2FA (two-factor) or MFA (multi-factor) authentication where possible to limit the exposure of your external-facing apps and services to penetration attempts. Passwords are no longer considered secure; additional authentication measures are now considered a base security practice.
Review which users have access to systems and ensure user access follows a least-privilege administrative model.
In summary, you must always be on guard for the next attack. Know that the attacker will be creative in their approach. Attacks are becoming more and more sophisticated, and perpetrators are leveraging as much information as they can about a business while they make their approach. Be on guard, always.