A couple of weeks ago, an employee working in a busy Rhode Island retail store clicked on the attachment to an e-mail from an unrecognized source. That simple click unleashed a virus that attacked the store’s main computer, rendering it inoperable for days.
In an instant, the store was thrown into the Dark Ages of retail. They had to switch all transactions – everything from ringing up sales, to processing payments, to tracking inventory – to manual systems. “It’s terribly disruptive,” said Eric Shorr, president of PC Troubleshooters in Warwick.
It’s also terribly common.
Shorr did not want to reveal which store suffered the attack, but he said it’s a common occurrence at all levels of business. “I have story after story after story, where businesses have lost hours and hours and hours of productivity,” Shorr said.
When most folks contemplate “cyber-security” – the protection of computers and networks from viruses, malware, data breaches and other outside invasions – they typically focus on deliberate invasions to obtain personal, proprietary or sensitive information. Those attacks definitely occur, and they cost U.S. businesses hundreds of millions of dollars annually. But Shorr and others in his industry say much more common, random and insidious are invasions that target a company’s hardware, not its files.
“There’s actually an entire industry of hackers out there who are infecting computers for commercial gain,” Shorr said. “They hack in and use your computer to send out spam and other targeted e-mails.”
The desktop computers and internal servers in a small to medium-sized business can expand a spammer’s infrastructure tenfold. When they infect 10 businesses, they expand their infrastructure 100-fold.
The business often does not know it’s been hacked until it’s too late. “If you start sending out all kinds of junk from your network, then your server IP address could end up on a blacklist, and now your legitimate e-mails don’t get through,” Shorr said. “We’re seeing this on a weekly basis. It really is epidemic.”
Shorr said another common hacking scenario is to infiltrate thousands of computers, bring them under your control and then attack a single website. “If they want to bring down a website, say Amazon for example, they flood a server with as much traffic as possible … If you’ve got thousands of computers available to you, you direct all that traffic to one source.”