Symantec: Small companies at risk of cyber espionage

A treasure trove of emails, text messages, passwords and sometimes even credit cards make smartphones a boon for cyber criminals.

May 7, 2013 01:17
2 minute read.
A Motorola Droid phone in New York

Motorola Android smartphone 311. (photo credit: Brendan McDermid / Reuters)


Dear Reader,
As you can imagine, more people are reading The Jerusalem Post than ever before. Nevertheless, traditional business models are no longer sustainable and high-quality publications, like ours, are being forced to look for new ways to keep going. Unlike many other news organizations, we have not put up a paywall. We want to keep our journalism open and accessible and be able to keep providing you with news and analyses from the frontlines of Israel, the Middle East and the Jewish World.

As one of our loyal readers, we ask you to be our partner.

For $5 a month you will receive access to the following:

  • A user uxperience almost completely free of ads
  • Access to our Premium Section and our monthly magazine to learn Hebrew, Ivrit
  • Content from the award-winning Jerusalem Repor
  • A brand new ePaper featuring the daily newspaper as it appears in print in Israel

Help us grow and continue telling Israel’s story to the world.

Thank you,

Ronit Hasin-Hochman, CEO, Jerusalem Post Group
Yaakov Katz, Editor-in-Chief

UPGRADE YOUR JPOST EXPERIENCE FOR 5$ PER MONTH Show me later Don't show it again

Small and medium-sized companies are the most vulnerable to cyberattack, whether in the form of compromised financial data or stolen trade secrets, according to Symantec, an online-security company.

“In Israel we see a lot of start-up companies, right? So what we see is that these smaller companies are targeted for corporate espionage,” said Candid Wuest, Symantec’s principal threat researcher, on a visit to Israel in early May.

Be the first to know - Join our Facebook page.

“A lot of companies have nice technology here, and other companies would love to steal that.”

According to Wuest, 50 percent of cyber attacks in the past year were aimed at companies with fewer than 2,500 employees, and 31% were aimed at companies with fewer than 250.

"A lot of times people say ‘well I’m only a small company, why would people be interested in stealing from me?’” There are several reasons.

For one, cyber criminals know that even small companies handle financial information from their clients, but probably have fewer protections.

Targeting small companies may also be a stepping stone in a bigger scheme.

Larger companies that outsource or collaborate with smaller companies entrust them with valuable data. For example, if a big corporation outsources the printing of its financial reports to a small printing press, hackers that break into the printing press’s computers could get those confidential files.

“If you as an attacker have this information, you can already make profitable ventures on the stock exchange,” says Wuest.

Of the companies attacked last year, 24% of them were in the field of manufacturing and 18% were in financial services.

The latest front for fraudsters to get the kind of inside information that could be costly to companies sits right in people’s pockets: smartphones.

A treasure trove of emails, text messages, passwords and sometimes even credit cards make smartphones a boon for cyber criminals.

Without a regulated application store to filter out malware, Android users in particular, are vulnerable.

There are already 210 different families of threat to androids, and 150,000 variants, says Wuest.

“If you install something on your smart phone, make sure that you install it from an official, trusted source,” he warns, adding that reading the user agreement and taking caution in allowing applications to access other data from the phone are important.

“Ask yourself why a flashlight app wants access to your email,” he said.

“As long as there are profits to be made, attempts to hack into companies and steal their information will only grow.”

Symantec, of course, recommends across-the-board protection, saying that antivirus is only partial protection, and pro-active steps like whitelisting and firewalls are useful.

“It’s like a car,” he says. “You can have seat belts, and that’s the antivirus, but I’d want to also have an airbag, ESP, and so on. Each is good for one specific target or attack.”

Related Content

The Teva Pharmaceutical Industries
April 30, 2015
Teva doubles down on Mylan, despite rejection