Cybercriminals are feeding at will

 

What are you doing to protect your business?

Closing the safe, backing up computer data on a daily basis and locking the doors after closing are three important steps businesses take almost without thinking about them. Most are routine tasks and it wasn’t long ago when these end-of-the-day steps were actually the starting points to get you to the next day.

But times have changed… and, wow, have they changed.

There is a bushel basket full of gaudy numbers (more on those later) to show that closing a business to foot traffic doesn’t eliminate the threat of thieves. The cyber-world doesn’t work that way. It’s open 24 hours a day and criminals are feeding at will on a global buffet of businesses.

 According to cyber experts who monitor criminal activity, these are the top five targets:

1. health care providers,   
2. governmental agencies,
3. small businesses,
4. energy companies, and 
5. higher education facilities.

Take note of number 3 – small businesses. Some observers suggest that 60% will fail within six months of startup because of cyberattacks.

While the number of equipment dealership startups pales when compared to openings of coffee houses and fast-food restaurants, equipment dealerships, which fit into the small business category, have a lot more than coffee beans and french fries at stake. Dealers store data that contains financial information, customer information, crop information, equipment inventory, parts and service information, accounting and employee information – it’s a long list.

John Schmeiser, CEO, Western Equipment Dealers Association, says the association has been involved in working with dealers on data security for quite a few years. As a result, the association helped develop guidelines on securing data within a dealership and the guidelines followed governmental rules to protect customer information. At the time, most of the guidelines centered on how paper records and records stored on desktop computers were kept and who had access to them.

But the new threat level goes beyond what’s in a filing cabinet or stored on a computer or kept in a safe, which led the association to Secuvant, a Utah-based company that provides cyber protection services.

“We’ve had numerous inquiries from members who received phishing emails that their employees responded to,” says Schmeiser, who adds that one situation involved a dealership’s CFO who made a money transfer based on an email that appeared to come from the owner of the business. 

“We thought having a cyber protection program in place would help us complete the loop in offering data protection to WEDA members,” says Schmeiser.

Why Secuvant?

“We did a thorough review and examination of Secuvant services and came away confident that Secuvant, with its expertise and knowledge, would be able to provide cybersecurity protection that would benefit our dealers,” explains Schmeiser.

In simple terms, adds Schmeiser, Secuvant is in the background
“looking over a dealer’s shoulder at anything coming into the dealership” electronically.

Cyber7

Looking over the shoulders of businesses is not a one-and-done deal. Secuvant assesses risk using its Cyber7™ model. As shown here, Secuvant looks at seven areas of risk all businesses face.

As noted on Secuvant’s website, this model is used to prioritize these areas of a business to learn where the gaps and risks are and then the company can create “a cybersecurity strategy that prioritizes the most important needs and implements controls to protect against those risks to the business…”

Secuvant’s website also points out that technological innovation in the ag industry has “improved productivity, efficiency and communications,” adding, “The collection, analysis, and storage of data allow agriculture, manufacturers and dealers to refine their processes, increase efficiencies and comply with regulations as they evolve.”

But, cautions Secuvant, “All of these innovative improvements create more and more digital data. Protecting data is the function of cybersecurity. In 2016, the FBI identified agriculture as a top industry dealing with cyber risk.”

Don’t put cybersecurity on hold

With all that’s at stake at today’s dealership, Schmeiser says dealers need to take cybersecurity seriously.

“Dealers sometimes get caught up in day-to-day interactions with customers, employees or manufacturers, and some things get pushed to the side. But cybersecurity should be a priority for dealers who have more reasons than ever to protect their data.”

Schmeiser adds it’s unwise for dealers to assume that cybercriminals aren’t targeting their businesses. He says there are plenty of examples of dealerships contacting the association for help after an attack has occurred. “One of our members, who operates a multistore operation, had their system shutdown by hackers. The system was down for two days and the dealer paid a six-figure ransom to get the system back up and running.”

Single-store operations are also targets, continues Schmeiser. “We had a dealer with a single location hacked. The dealer paid off the hackers. It wasn’t six figures, but the amount was in the thousands to get the dealership’s operations back on track. This is where a company like Secuvant can come in and prevent something like this from happening in the first place.”

The pandemic and opportunity

The pandemic has opened more and more doors for hackers, who have taken advantage of the massive number of people working remotely. Mark Spangler, a Secuvant board member, offered his perspective in an article that appeared in Construction Equipment Dealer magazine.

“The pandemic has not only left the world open to vulnerabilities while everyone is trying to stay calm, compliant, and safe from a mysterious human virus, but it has created a new spark of awareness among executives coming to terms with the fact that the problem is bigger than they realized before. That doesn’t mean that business leaders had no idea of what was going on, but the pandemic laid everyone’s intentions and characteristics out for all to see.”

Spangler has 35+ years of private and public experience in the cybersecurity and intelligence communities.

The gaudy numbers

Cyberattacks are costly and some numbers and trends can’t be ignored.

Cybercrime Magazine writes that a ransomware attack is likely to occur every 11 seconds in 2021. It was every 40 seconds just five years ago. The magazine also suggests global payouts for ransomware attacks could exceed $6 trillion this year and more than $10 trillion in 2025.

In Canada, according to an IBM Security survey reprinted in the Toronto Star, “the average cost of a data breach in Canada was $6.75 million per incident in the 2021 survey year.”

Moreover, the IBM survey found “that data breaches cost $1 million more on average when remote work was indicated as a factor in the event.”

U.S. businesses have lost and will continue to lose billions every year to cybercrime unless protections are put into place. The FBI says the cost of cybercrime was nearly $4 billion two years ago and said the average payout for ransomware attacks was more than $100,000.

And here’s the kicker that can’t be ignored: Businesses that suffer cyberattacks are likely to be hit again within a 12-month period.

“We think this partnership with Secuvant is in the best interest of dealers,” says Schmeiser. “WEDA has done the research and we believe Secuvant offers a very comprehensive cyber protection program at a reasonable price.”

Surely your dealership is worth a phone call to see how to protect your business from the cybercriminals who are feeding at will on a global buffet of businesses.  

———-

To learn more about how Secuvant could help protect your dealership, please visit https://secuvant.com , call 855.732.8826, or email sales@secuvant.com.