• Skip to main content
  • Skip to footer

Commonwealth Sentinel

Cyber Security for local government, non-profits and small business

MENUMENU
  • Home
  • About Us
    • Sheri Donahue
    • Leo Haggerty
    • Careers
  • Services
    • Vulnerability and Threat Evaluation
    • Transformation Management
    • CISO Management Services
    • Incident Response Management
  • News
  • Blog
  • FAQs
  • Contact Us

commonsent / November 4, 2021

Weak Cyber Security Can Damage Your Business in Many Ways

Business owners understand the basic damage that inadequate cyber security can cause, but few think about all of the long-term consequences.

Ransomware attacks can cause loss of data, ransom payments, halted operations, and cost to fix your systems and make them secure (which you should have done before you were hit).

Misconfigured systems may be exploited via an unpatched software vulnerability causing a distributed denial of service (DDoS) attack or infiltration via a router that has a default password.

Untrained or careless employees may click on a link or attachment in a phishing email allowing hackers access to your network.

All these events can harm your business by costing money, impacting operations, and harming employees or customers via theft of information.

The less tangible damage, which may cause even greater harm, is loss of faith.

For a county government, this may mean elected officials are not re-elected.

For a non-profit, this may mean reduced donations.

For a business, this may mean going out of business.

Recently we worked with a local company that was the victim of a phishing attack. An employee received an email that seemed to be legitimately from a potential vendor with whom they had been in discussions. They opened an attachment that appeared to be a quote. However, it was not. The employee knew immediately that it was a phishing scam.

Next, they realized that they were no longer receiving any emails at all when they normally would be getting numerous every day. The attacker had infiltrated the employee’s email. Not only did the attacker gain access to the employee’s address book but they also set up a rule which forwarded all incoming mail to the attacker.

The attacker then sent emails appearing to come from the employee to those in the address book, including their clients!

The small company had several large corporations as clients. The phishing attack, and the new phishing emails that were now sent to the clients, caused damage worse than an exfiltration of data or a ransomware attack. The harm was in good faith with their customers.

Immediately one of their largest clients ceased all electronic communications with the small company. All emails from the smaller company’s domain were blocked by the larger company’s emails server. This not only hampered communications but it was also how the small company invoices their clients… Now they were unable to get paid.

The client then demanded that if the small company wanted to continue doing business with them, they had to obtain cyber security services and provide proof. Trust definitely was lost.

While this seemingly would solve the immediate issue of protecting the small business and appeasing the client, it was not all “forgiven and forgotten”. The relationship has not been restored to its previous level of trust. At this point, it is unknown how long the client will retain the services of the small company. That in itself will be a huge negative impact. But, it also may damage their reputation with other clients with whom the small company does business. Not to mention the hesitation of the client to recommend the business to their peers.

When was the last time you recommended a restaurant with poor service? People are far more likely to share a bad story than a good one.

The answer is to implement cyber security before you are pressured to do so by a client. With as much time and effort it takes to land a new customer, it is important that you protect them and their data as much as you protect your own business and employees. Otherwise, there will be no business left to protect.   

Filed Under: Blog

Footer

CONTACT US

COMMONWEALTH SENTINEL

1230 US Highway 127 S
Suite #5
Frankfort KY 40601
(502) 320-9885

EMAIL US

ABOUT US

Cyber security consulting for local governments, non-profit organizations, and small businesses facing the threats of the cyber world.  At Commonwealth Sentinel, we are passionate about helping people be cyber-safe!

FOLLOW US

  • Email
  • Facebook
  • LinkedIn
  • Phone
  • Twitter
  • YouTube

Copyright © 2023 Commonwealth Sentinel

We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept”, you consent to the use of ALL the cookies.
Cookie settingsACCEPT
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT