Last updated on July 25th, 2015 at 02:35 pm
You might be thinking, “What does this hack of an adultery website have to do with my B2B website?”
In short, the threat of cyber-security should never been taken lightly.
To recap, AshleyMadison.com, a dating site for those seeking adulterous relationships, was hit with a data breach this week by a group calling itself The Impact Team. The hackers said they have stolen some 37 million user accounts, including credit card information, home addresses, and other sensitive details. They won’t release those details if AshleyMadison.com and EstablishedMen.com are shut down forever.
The Canadian owners of the websites, Avid Life Media, confirmed the breach.
Find out the four things you can learn from this shocking cyberattack:
1. You’re not exempt from attacks
If you think only the adultery-websites of the world are in the crosshairs of hacktivists, think again. Nearly 80 percent of organizations suffer cyberattacks, some repeatedly, a new report revealed. As shocking at that number obviously is, it “does not take into account the number of incidents that remain undetected,” the report stated.
Also, a study earlier this year found two-thirds of U.S. board directors of public companies are not fully confident that their companies are secure against cyberattacks.
Such troubling revelations underscore a lesson gleaned from the Ashley Madison hack: cyber-attacks can strike at anytime, from anywhere, and if you think your company is in safe waters because your business offering is far from contentious, you risk a data breach via outright complacency.
2. Laziness is hurting companies
A recent study found that 94 percent of small-business owners said they frequently or occasionally think about cybersecurity issues. “However, despite these concerns, less than half (42 percent) of survey respondents have invested resources in cybersecurity protection in the last year,” the survey found.
So if these attacks are happening frequently, why aren’t SMB owners doing anything about it? It could be a combination of laziness, forgetfulness and anxiety over costs to beef up cyber-security. But this stat should fire up the lazy CEOs: A report by Symantec found the average “lost business costs” per data breach were $3 million in the U.S.
3. Targeted attacks are increasingly common
We know about those “accidental spill” breaches, when a staff error or technical glitch reveals user data. IT equipment gets buggy, it happens. But Ashley Madison’s attack was targeted. The Impact Team had an issue with the site’s business model and ethical outlook, and did something about it.
Your B2B firm might not be encouraging adultery, but if your service is working with a brand some may feel strongly about (e.g. Monsanto, Marineland, Coca-Cola) then your client could be facing a barrage of attacks you would be responsible to deflect.
What’s distasteful to many, including myself, is how this kind of targeted breach is working as online blackmail: shut down your site or we ruin you by revealing all customer data. It’s troubling to realize a new cyber-crime could evolve from hackers so pissed off about your company’s offering they take you down by stealing data and posing an ultimatum. Avid Life is in a tough spot, but they wouldn’t have been there if they invested more heavily in cyber-security.
4. Be transparent about the breach
If you visit Ashley Madison’s front page right now, there is nothing about the cyberattack, and even an icon saying the site is “SSL Secure.” The buried Avid Life statement about the breach should be on the front page of the sites the hackers targeted. It should be on the company blog, replacing 2015 how-to’s on taking genitilia photos.
Sure, Avid Life wants to bury its head in the bad-PR sand, but if secrecy is so important to this service’s user base, why not be as transparent as possible when that trust was violated? (Sound familiar, AshleyMadison.com users?)
If you want to regain credibility as a company after suffering a cyberattack, don’t write a quick press release and hide it from visitors. Be clear, be honest, be upfront. Otherwise, you’ll show how your lack of character and forever cripple your brand reputation.
What do you think about the Ashley Madison hack and how it relates to B2B cyber-security? Message us on Twitter via @b2bnewsnetwork
Photo by the author