Cyber threats can often come from within your own circle
Carl Mazzanti//October 14, 2024//
PHOTO: DEPOSIT PHOTOS
PHOTO: DEPOSIT PHOTOS
Cyber threats can often come from within your own circle
Carl Mazzanti//October 14, 2024//
During 23 years of speaking at events, I have noticed something about the crowds. Many people come to learn about cybersecurity and do good. However, an equal number are bad actors. They want to learn about cybersecurity to find ways to evade digital defenses.
We recently discovered that someone had registered a “lookalike domain” that was awfully similar to our emazzanti.net site – in fact, the bad actor’s domain was only one letter off. They were hoping to attract legitimate organizations that were trying to reach us. You can read about some incidents and how to defend against them on our site.
Fortunately, our trained professionals are always alert. We noticed the scheme before the imposter could cause much damage.
We pursued the perpetrator through the World Intellectual Property Organization, a UN agency that protects and promotes intellectual property across borders. The World Intellectual Property Organization transferred control of the site to us, and our InfoSec team shut it down. This stopped the bad actor from luring innocent traffic. They could no longer spread malware or harm unsuspecting visitors.
But then things got even more interesting. At our request, WIPO went a step further and identified the person who had registered the bogus domain. They introduced us to him and when contacted, he even responded to us.
“It wasn’t me,” he claimed. “Someone used my name to register that domain.” Right, and I’ve got a bridge that I’d like to sell to you at a great price.
The thing is, we won this fight, but the refrain, “It wasn’t me,” will continue to ring across countless hallways in countless organizations. Will good people learn from these experiences?
Over the years, I have consulted for thousands of companies, and we have done a lot of great things for them. Early in my career, we had a flooring company as a client. The bookkeeper, a long-term, trusted employee, wrote a lot of checks and made them out to the owner’s husband.
It turned out that the bookkeeper was cashing those checks for themselves. They then tried to hide it by changing the company’s records.
The bookkeeper was eventually caught. But instead of being fired or reported to the authorities, they received a stern warning. They were then allowed to return to their duties.
Needless to say, they went right back to writing and cashing checks, and the company is no longer around.
I am relating all this to you for two reasons. First, you have to stay alert and be prepared for bad actors from outside your organization, like the domain-name squatter in our case. And second, they can be insiders, as the flooring company found out.
To protect against outside threats, work with an experienced cybersecurity provider. They can provide technical defenses and train employees to keep your website and data safe.
To address insider infiltration, look out for red flags like these:
Is an employee complaining about financial difficulties? They may feel tempted to do something wrong for cash. If you see or hear about an employee who’s always running short on cash, take extra precautions and monitor their actions. If they talk to you about their finances, listen carefully. Then, make a decision: do nothing, help them with a short-term loan, or consider whether they deserve a raise.
Implement and maintain controls, across departments, to monitor improper activity. And if you see an employee who appears to be living beyond their means, check your back pocket.
You might trust your employees, and you may even love them. However, I can guarantee that a thief is nearby. The person could be reading this article or sitting in your office. They have chosen to do something wrong.
Trust people, love them, but some thief is reading this article, or sitting in your office, deciding it was the right thing to do wrong. Either way, you must face the thief and take action.
Carl Mazzanti is president of eMazzanti Technologies in Hoboken, providing IT consulting and cybersecurity services for businesses ranging from home offices to multinational corporations.