Lack of Security Focus Puts SMBs In Harm's Way

Lack of Security Focus Puts SMBs In Harm's Way
Lack of Security Focus Puts SMBs In Harm's Way 

By Robert Lemos
Contributing Writer
June 30, 2010

Demolition firm Ferma nearly failed because its employees lacked a 
proper security policy.

In mid-2009, an employee at the California firm clicked on a link in an 
e-mail message and ended up at a malicious website. The site, run by 
online thieves, used a vulnerability in Internet Explorer to load a 
Trojan horse on the employee's system. With control of the machine, 
which was used for much of the firm's accounting, the thieves gathered 
data on the firm and its finances. A few days later, the thieves used 27 
transactions to transfer $447,000 from Ferma's accounts, distributing 
the money to accounts worldwide.

"They were able to ascertain how much they could draw, so they drew the 
limit," said Ferma president Roy Ferrari in an interview at the time.

Ferma did not go out of business, but many small companies have as a 
result of a hack. The consequences of an attack should make small and 
midsize businesses (SMBs) sit up and notice, says Bernard Laroche, 
senior director of SMB product marketing for security giant Symantec.

"If a small business gets their data stolen, whether customer credit 
cards or their patient records, then they might ... have to close, where 
a large enterprise could move on," he says.


Attend Black Hat USA 2010, hosted at Caesars Palace in Las Vegas, Nevada
July 24-29th, offering over 60 training sessions and 11 tracks of Briefings
from security industry elite. To sign up visit 

Site design & layout copyright © 1986-2014 CodeGods