A local expert on cyber security says the recent incident that left a major Thorold book retailer closing down its website serves as a stark reminder that even small- and mid-sized companies need to take a hard look at their digital barriers to prevent hackers from performing attacks that can lead to major financial losses and other disruptions.
It was on Monday that visitors to BookDepot, a book retailer with more than 400 employees at its Thorold warehouse, and a physical store in St Catharines, were greeted by the message that the store’s IT-systems were taken down after what the company said was a ‘cybersecurity incident.’
NRPS are investigating the matter, but no updates have been issued since the company made the announcement, and the company did not specify what systems had been impacted, but claimed customers financial information was not at risk when reached by ThoroldToday.
On Thursday the error message was still being displayed following the breach, that the company said occurred on September 22.
The incident did not come as a surprise to Aaron Mauro, Assistant Professor of Digital Media and an expert at cybersecurity at Brock University, who said IT-attacks can be likened to a pandemic in of itself.
“This looks like a ransomware attack,” said Mauro to ThoroldToday, but added it would be hard to determine exactly what had transpired in lack of information.
“A company operating on a big scale has data they are protecting, and that has value. It is sitting on a complex business process. Ransomware crews, essentially criminal operators who work internationally, infiltrate a network or an enterprise and encrypt the entire system so it is no longer useable.”
Mauro said the hackers, often operating in what can look like a legitimate office environment, will then attempt to extort the victim for large sums of money in order to release the systems back into their control.
“They are sitting and working in a professional environment with team meetings, and are working like many software developers would,” said Mauro.
Attacks like these often originate from distant countries like Russia, Iran or North Korea, looking to profit from more wealthy nations and their business earnings.
The key in is often established through sending malicious links, or what looks like legitimate PDF- or Word-files that exploit vulnerabilities and open up back doors.
Then, said Mauro, the whole ordeal can be likened to interacting with a customer service agent over chat, who will act as a point of contact - but in fact is a member of the attacking group.
“They have become so good and efficient at what they do that they often have a worked-up business process. They can be very polite and treat it as a transactional interaction.”
“This is a moment for us to realize that the television image of what a hacker looks like from CSI-style television is wildly out of whack, and does not match reality.”
Mauro said alarm bells have been ringing for years about the growing threat to e-commerce as so-called ransomware crews get more brazen in their ways.
Through Covid-19, said Mauro, some observers have noted a connection between the growing threat of ransomware, and the accelerated digitization.
“These are issues not to be taken lightly and companies are not protected by being geographically remote.”
Mauro said even small- and mid-size companies should take the time to educate its employees on cyber-hygiene, and learn how to back up systems in case of a ransomware attack in order to not have to rebuild the system from scratch.
“Spending time with your staff and investing in them will harden your institution. The weakest point of a system is always between the computer and keyboard.”
Below are some links to help you catch up on cyber-safety: