A recent indictment of hackers in the Unites States brings to light the convergence of financial crime and cybercrime. While hackers have typically been associated with the theft of credit card numbers and personal identification information such as Social Security numbers, it is alleged that these cyber-criminals made $100 million by hacking into business newswire services and using that information to make illegal stock trades.
Such activity suggests that any intellectual property is fair game and hackers are targeting third parties to expand their reach to new targets that may have previously considered themselves to be safe.
This evolution in hacking demands the attention of security, cyber-security, and risk management personnel across industries, demonstrating that your information is only as secure as the people and organizations you share it with.
Several major recent hacking attacks have stemmed from the sharing of sensitive information with outside companies. It’s widely suspected that the hackers who breached Target Corp.’s computer systems during the 2013 holiday season and stole millions of customer credit and debit cards used the retailer’s connection with a small Pittsburgh-area heating and refrigeration business as the back door to get in.
The online photo websites for Rite Aid Corp., CVS Health Corp., Costco and Wal-Mart Canada remained shut down weeks after the hacking of Canada-based PNI Digital Media, which administers them.
While third-party companies are becoming known as the weak links in cybersecurity, it is important for municipalities, not-for-profit entities, and businesses to scrutinize all information and system access shared with anyone inside as well as outside of their organization.