As the final week of the campaign kicks off, the Data Loss Gremlins are stepping up their last-minute efforts to bring in the most votes for the biggest data loss threat of the year. Last week Whoopsie Daisy and Scratch battled it out and remained adamant in their ability to corrupt data and leave a lasting impact on your small business customers.
This week we’re introducing two newcomers to the Data Loss Gremlin scene. Both candidates possess the power to destroy small businesses and are formidable opponents for the other six Data Loss Gremlins. With that said, here’s what we know about the newest data loss threats — Phishy and Dino.
Place of Birth: The Great Lakes
Fun fact: Last year I cost businesses $3.77 million, according to the Ponemon Institute. I don’t know how “fun” that is for small businesses, but I’m proud of it! I’m committed to upping the ante next year and pledge to cost businesses even more in 2016.
Tell us about yourself: I spend most of my time writing suspicious emails — and I love it! My emails typically mimic those from people familiar to the recipient, like their bank or the CEO of the company they work for. My favorite thing to do is write up infected emails, instant messages, and social media posts that steal sensitive information from anyone I can dupe into clicking on them (employees at small businesses make it especially easy). Doing this well involves knowing exactly how to target the least suspecting users.
Who should we call to give you a reference? There are too many to choose from! I like to replicate emails from Wells Fargo, Verizon, and AT&T, so they would definitely be able to vouch for my reach. I’ve had recent success exploiting iCloud users and hedge fund managers, too. They offer the biggest opportunity for me to exploit the most money. If you speak with them, let them know I say thanks! And don’t forget to reach out to Seagate Technology. I tricked them into giving me W-2 tax documents for all of the employees they’ve ever had. That was the best!
What’s your greatest strength? I am as stealthy as cyber threats come, disguising myself as someone I’m not and getting what I want from unsuspecting users. I’m rarely disappointed in the responses I get from my phishing campaigns, especially when I’m able to get a CEO to transfer funds directly to me. I’m just that good.
What’s your greatest weakness? End users who are aware of the context clues that give away my phishing emails are pretty annoying. What really ticks me off, though, is IT service providers who teach their small business customers not to open unfamiliar emails or click on suspicious links, and to look out for typos in my messages (My grammar isn’t the best, I’ll admit … ).
Why are you a bigger threat than all those other gremlins? I look innocent (yeah, I know I’m cute), but I’m actually the most secretive of all the Data Loss Gremlins with my social engineering exploits. I’m a mastermind when it comes to infiltrating networks, stealing the most sensitive data businesses possess. I’ll expose your customers’ sensitive information and steal their money, too.
Place of Birth: Pangea (Mesozoic Era)
Fun fact: According to a survey by Spiceworks, 61 percent of businesses in their network are still running at least one instance of Windows Server 2003 after Microsoft ended Extended Support for the aging product. Thanks to small businesses lack of awareness on the risks to their businesses, I continue to run outdated operating systems on their machines.
Tell us about yourself: I’m an old trickster with a longstanding ability to corrupt small businesses’ data. When it’s not election season, I have a close friendship with Klepto, my hacker pal who I let into users’ networks. He appreciates that I trick businesses into thinking legacy systems are cheaper when in reality they create security risks, lost productivity, and non-compliance for my victims.
Who should we call to give you a reference? That’s tough, since most of the users who I’m exploiting have no idea I exist or think I’m fine to keep around. I’d say IT experts who know the risks posed to businesses running outdated operating systems. They’ve seen the trouble I can cause! Microsoft probably finds me annoying as well, since they ended support for Windows XP and Windows Server 2003 but tons of businesses still have it running on their machines.
What’s your greatest strength? People forget about me, which plays to my advantage. Businesses don’t keep track of the systems they’re running, so they don’t notice when something becomes obsolete, which allows me to just keep running and doing damage without being detected. I also seem to be less expensive than migrating to newer operating systems (at least small businesses see it that way!) so I can continue to pose detrimental threats to businesses.
What’s your greatest weakness? Small businesses who work with an IT service provider. They prevent me from continuing to run quietly in the background of end users systems. IT service providers usually inspect their customers’ networks and systems once they sign a service agreement, so I’m usually revealed and wiped from their machines pretty quickly. And that’s always a bummer.
Why are you a bigger threat than all those other gremlins? Unlike the other data loss threats, I have the years of experience to know how to fly under the radar and continue to create security vulnerabilities. I’m able to compromise data just by being myself, which of the other candidates can say that? Plus, I’m old which should get me the sympathy vote.