<span id="hs_cos_wrapper_post_body" class="hs_cos_wrapper hs_cos_wrapper_meta_field hs_cos_wrapper_type_rich_text" style="" data-hs-cos-general-type="meta_field" data-hs-cos-type="rich_text" ><p>There's a blog post over on the WSJ about how cyber-criminals are targeting small and medium businesses and stealing money using the Zeus and SpyEye trojans, which we block.</p> <!--more--><p><a title="WSJ CIO Blog about Operation High Roller" href="http://blogs.wsj.com/cio/2012/06/26/operation-high-roller-targets-corporate-bank-accounts/" target="_blank">http://blogs.wsj.com/cio/2012/06/26/operation-high-roller-targets-corporate-bank-accounts/</a></p> <p>One of the biggest problems is that most small and medium businesses think that they are not a target, and therefore don't need to do anything:</p> <p><a title="Hartford Survey shows 85% of small businesses ignore risks" href="http://finance.yahoo.com/news/small-business-owners-despite-being-143500231.html" target="_blank">http://finance.yahoo.com/news/small-business-owners-despite-being-143500231.html</a></p> <p>However, this may be a result of feeling powerless. Most approaches to stopping this sort of attack are also too complex and too costly for most small and medium businesses.</p> <p>The infrastructure that big companies use to inspect and lock down all traffic (provided by the large companies quoted in the WSJ), and the checks and balances in their processes, protect them most of the time. When those defenses fail, they at least alert the company quickly to a compromise. The problem is, this takes a lot of hardware and software, and very highly qualified people to run. It has to be monitored 24/7 to be effective.</p> <p>For the SME, a complex layered defense with intrusion detection/prevention, alert monitoring, content inspection, and the staff to do all that is simply prohibitive. 
Even if you outsource it to someone like Secureworks, you still need all the equipment in your network, and the cost is typically at least as much as a half-time IT guy per year, and goes up from there.</p> <p>As a result, the defenses used by the big guys are expensive and inaccessible to the vast majority.</p> <p>Cloud services provide the best way to handle this for a small company. Services like OpenDNS and Websense Triton do a good job of filtering what people browse to, but many bots communicate silently in the background and circumvent those solutions.</p> <p>ThreatSTOP solves this issue by doing the detection in the cloud and using the company's existing firewall as the enforcement gateway. It makes the firewall smarter, allowing you to block the call home and identify which computers are infected.</p> <p>Learn more at <a title="ThreatSTOP website" href="http://threatstop.com">http://threatstop.com</a></p> <p>P.S.</p> <p>As if more evidence were needed of the problem:</p> <p><a title="More from the UK" href="http://news.sky.com/story/952931/fraud-ring-in-hacking-attack-on-60-banks" target="_blank">http://news.sky.com/story/952931/fraud-ring-in-hacking-attack-on-60-banks</a></p> <p>Krebs has a story about how, IF you get the bank to give you back your money, it can take a LONG time:</p> <p><a title="Escrow company gets money back 2 years later" href="http://krebsonsecurity.com/2012/06/bank-settles-with-calif-cyberheist-victim/" target="_blank">http://krebsonsecurity.com/2012/06/bank-settles-with-calif-cyberheist-victim/</a></p></span>