We’re continuing the series “Small Business Stories”, in which CEOs of small companies talk about the role IT plays in their general activities and in the protection of their information. This time we will focus on F-Stage Company and its head, Elena Dorokhina, the former CEO of Russia’s major e-sales company.
F-Stage is a small company of just five employees, yet it’s very energetic and involved in a very wide range of activities. They produce transport cases for sound amplification, musical equipment and theatrical scenery; they record audio and video; and they rent out stage and film equipment.
When it comes to F-Stage, IT generally plays a minimal role. However, all the company’s employees are from the IT sector and, according to Dorokhina, they rely more on information technologies than the average workers in their business.
This means there is a higher level of computer literacy amongst employees, which, as the head of the company states, allows F-Stage to go without a staff system administrator.
“All the employees are experienced IT industry specialists, so we can do without a salaried administrator,” Elena Dorokhina said.
F-Stage does not process other people’s personal data (at least for the moment), thereby avoiding protection challenges. However, the company has had to confront quite nasty cyberthreats.
At various times the company had several sites created with popular free content management systems like Drupal, Joomla and WordPress. There was a particular incident with Joomla where administrative panel passwords changed unbeknownst to the employees.
Soon they figured out that someone had exploited a vulnerability in the Joomla authorization system that was present in its vanilla installation.
“After the administrative password on the site had been changed due to an attack, we sought expertise on the problem and did our best to eliminate the known flaws in the defenses,” Dorokhina said.
However, there was another interesting point that came from this. Judging by the logs, and by the fact that there was no malicious activity other than the password change, the attack was conducted by a bot.
“In our logs we can see bots regularly probing those flaws. However, they are just robots acting at random,” concluded the CEO of F-Stage.
This is a good example of a phenomenon we have already described: the automation and mass production of searching for and exploiting vulnerabilities in software products. Until recently, robots usually kept spamming comments within social media, but now they have grown more active by automatically exploiting known CMS vulnerabilities. Last year we detected a botnet brute-forcing sites on the WordPress platform. All this may have seemed exotic in the past, but we’re now living in a time where we need to treat such phenomena as a constant component of the threat landscape for large, medium and small businesses.
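The kind of log evidence described above can be checked with a short script. The following is an added example, not code from the original article or from F-Stage: it flags clients that repeatedly POST to a CMS login page, or that request the login pages of more than one CMS on the same site. The paths are the default login endpoints of Joomla, WordPress and Drupal; the log lines, IP addresses and threshold are constructed for illustration.

```python
import re
from collections import defaultdict

# Default login/admin endpoints of the three CMSs named in the article.
CMS_LOGIN_PATHS = {
    "/administrator/index.php": "Joomla",
    "/wp-login.php": "WordPress",
    "/xmlrpc.php": "WordPress",
    "/user/login": "Drupal",
}

# Combined Log Format: ip ident user [time] "METHOD path PROTO" status size ...
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

# Constructed sample log (documentation-range IP addresses).
SAMPLE_LOG = """\
203.0.113.7 - - [12/Mar/2014:03:14:01 +0000] "POST /administrator/index.php HTTP/1.1" 200 4521 "-" "Mozilla/5.0"
203.0.113.7 - - [12/Mar/2014:03:14:02 +0000] "POST /administrator/index.php HTTP/1.1" 200 4521 "-" "Mozilla/5.0"
203.0.113.7 - - [12/Mar/2014:03:14:03 +0000] "POST /administrator/index.php HTTP/1.1" 303 0 "-" "Mozilla/5.0"
198.51.100.23 - - [12/Mar/2014:04:00:10 +0000] "GET /wp-login.php HTTP/1.1" 404 210 "-" "-"
198.51.100.23 - - [12/Mar/2014:04:00:11 +0000] "GET /administrator/index.php HTTP/1.1" 200 4521 "-" "-"
192.0.2.50 - - [12/Mar/2014:09:30:00 +0000] "POST /administrator/index.php HTTP/1.1" 303 0 "-" "Mozilla/5.0"
192.0.2.50 - - [12/Mar/2014:09:30:05 +0000] "GET /index.php?option=com_content HTTP/1.1" 200 9000 "-" "Mozilla/5.0"
""".splitlines()

def find_login_probes(lines, min_posts=3):
    """Return {ip: (login_posts, [cms, ...])} for clients that look automated:
    at least `min_posts` login POSTs, or login pages of more than one CMS."""
    posts = defaultdict(int)
    cms_seen = defaultdict(set)
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in Combined Log Format
        cms = CMS_LOGIN_PATHS.get(m["path"].split("?", 1)[0])
        if cms is None:
            continue  # not a login endpoint
        cms_seen[m["ip"]].add(cms)
        if m["method"] == "POST":
            posts[m["ip"]] += 1
    return {ip: (posts[ip], sorted(names)) for ip, names in cms_seen.items()
            if posts[ip] >= min_posts or len(names) > 1}

if __name__ == "__main__":
    for ip, (count, names) in find_login_probes(SAMPLE_LOG).items():
        print(f"{ip}: {count} login POSTs, CMS endpoints touched: {', '.join(names)}")
```

A single successful administrator login, such as the one from 192.0.2.50 in the sample, stays below the threshold and is not reported.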
Just like legitimate businesses, cybercriminals are interested in minimizing costs and labor consumption while achieving maximum efficiency and profitability. Consequently, the wider the coverage and the greater the automation, the more rewarding the scheme is.
We also want to repeat what this case demonstrates. Cybercriminals absolutely do not care about who they attack. Their only concern is to find something valuable and vulnerable. You can protect yourself against random attacks with the help of technical means. When it comes to server software, you need to enable all existing safety features in it immediately after launch and install all security updates as soon as they are released by software developers.
We have to admit, the chance of a cyberattack on any business using IT is about 100% now. When it comes to a successful attack, it does not really matter if it is random or not. But even if we assume that an attack is inevitable, we should not leave open windows for potential thieves.