http://www.darkreading.com/smb-security/security/management/showArticle.jhtml?articleID=225701975 By Robert Lemos Contributing Writer DarkReading June 30, 2010 Demolition firm Ferma nearly failed because its employees lacked a proper security policy. In mid-2009, an employee at the California firm clicked on a link in an e-mail message and ended up at a malicious website. The site, run by online thieves, used a vulnerability in Internet Explorer to load a Trojan horse on the employee's system. With control of the machine, which was used for much of the firm's accounting, the thieves gathered data on the firm and its finances. A few days later, the thieves used 27 transactions to transfer $447,000 from Ferma's accounts, distributing the money to accounts worldwide. "They were able to ascertain how much they could draw, so they drew the limit," said Ferma president Roy Ferrari in an interview at the time. Ferma did not go out of business, but many small companies have as a result of a hack. The consequences of an attack should make small and midsize businesses (SMBs) sit up and notice, says Bernard Laroche, senior director of SMB product marketing for security giant Symantec. "If a small business gets their data stolen, whether customer credit cards or their patient records, then they might ... have to close, where a large enterprise could move on," he says. [...] _________________________________________________________________ Attend Black Hat USA 2010, hosted at Caesars Palace in Las Vegas, Nevada July 24-29th, offering over 60 training sessions and 11 tracks of Briefings from security industry elite. To sign up visit http://www.blackhat.comReceived on Wed Jun 30 2010 - 22:49:29 PDT
This archive was generated by hypermail 2.2.0 : Wed Jun 30 2010 - 22:55:29 PDT