Press "Enter" to skip to content

What are all of those cybersecurity threats?

It’s easy to become a cybersecurity victim — here’s a brief breakdown of cybersecurity culprits and what to be aware of

Editor’s Note: This is the second of three installment in a series on cybersecurity. Find the first installment here.

Last time we discussed the why of cybersecurity for you and your business. As noted, smaller businesses are hacked and attacked often. Small businesses of all types — and maybe more so automotive due to our frequent computer traffic and typically a lack of able security protection — make excellent targets for hackers and attackers.

It is, unfortunately, easy to become a victim. With that in mind, here’s a brief breakdown of cybersecurity culprits:

Phishing Attacks: Messages you receive in email and text that appear to be legitimate, but once opened can steal money, load dangerous software and much more. Let’s say you get an email with strange characters, from someone you don’t know, announcing you have won a prize you are unaware of, etc. make it look quite enticing to open. Hint, just delete.

Ransomware: You open up for the day and attempt to access your system only to find out that you have nothing but a screen announcing you must pay money to the “kidnapper” in order to once again have access to your data. It is really spreading around small systems right now. According to Astra Security, 55 percent of ransomware hits businesses with fewer than 100 employees. 

Point of Sales Systems (POS): Breaches that infiltrate your POS system to take data.

Malware: Related to phishing, but is a silent, hidden software targeting your system under the cover of coding. Maybe something like a key tracker that records your computer keystroke then sends it off to the Deep Web.

Distributed Denial of Service (DDOS): For those readers with websites this is a big one. While not directly related to the automotive aftermarket, DDOS attacks are simple to wage and hard to undo.  Here’s an example from a security firm named Cloudflare: In 2000, a 15-year-old hacker known as “Mafiaboy” took down several major websites including CNN, Dell, E-Trade, eBay, and Yahoo, the last of which at the time was the most popular search engine in the world. This attack had devastating consequences, including creating chaos in the stock market.

E-Skimming: There are a couple of types of skimming. One is where the bad actor puts a Wi-Fi connected reader in a credit card slot that steals card information. Another is where someone equipped with a skimmer can “insert it” in your system.

SQL Injections: Using a variety of ways to access your backend data base the “injection” modifies data and allows it to be stolen.

Zero-Day Attacks: A zero-day exploit is a cyberattack vector that takes advantage of an unknown or unaddressed security flaw in computer software, hardware or firmware. “Zero day” refers to the fact that the software or device vendor has zero days to fix the flaw because malicious actors can already use it to access vulnerable systems. 

Business E-Mail Compromise: This one goes to Microsoft … Business email compromise (BEC) is a type of cybercrime where the scammer uses email to trick someone into sending money or divulging confidential company info. The culprit poses as a trusted figure, then asks for a fake bill to be paid or for sensitive data they can use in another scam. BEC scams are on the rise due to increased remote work — there were nearly 20,000 BEC complaints to the FBI last year.

Social Media Attacks: This is really big and growing. Attackers often use social media accounts during the reconnaissance phase of a social engineering or phishing attack. Social media can give attackers a platform to impersonate trusted people and brands or the information they need carry out additional attacks, including social engineering and phishing.

Insiders: Yup. Many an attack is started by an employee, or even you, opening malware or giving out the security information for the system to others. There is also you at home. Talking with Vito De Francisco with Centurion Data Systems (CDS) it is imperative that those connecting from home to business realize that their personal home computer is as protected as the business system since one may impact the other. And it isn’t hard. And yes, smartphones may also be a source of trouble.

If you are anything like me, its mind bending to think of all this. After the weeks now of research, I learned an awful lot I was not aware of, and need to pay attention to my personal use. But what to do? See you in the third and final installment.


At a young age, industry veteran Tom Langer started detailing cars for his family’s dealerships, which then led to work in the jobber and warehouse business, along with a machine shop and auto body shop. He held a variety of positions with an auto parts manufacturer for 10 years, and remained in the industry working with shops, warehouses and manufacturers in research and more.

Comments are closed.

Bringing you regional and national automotive aftermarket news
Verified by MonsterInsights