Business Process Compromise

All businesses have unique operational processes they rely upon to handle distinct needs. Even common tasks like shipping are handled differently from company to company. But in general, the larger a business is, the more complex its processes.

Business Process Compromise is a new type of cyber attack that recently has come into focus. It specifically targets unique systems and processes and manipulates them for the attacker’s benefit. And rather than a brash warning such as is received with ransomware, BPC attacks are typically silent and have a goal of stealthily appropriating goods and/or funds over extended periods of time.

Many BPC attacks go unnoticed because employees largely ignore the workings of these processes treating them as almost automatic.

Defending against BPC requires a multi-pronged approach.

  • File Integrity Monitoring should be considered for critical systems
  • Regularly check system operations and compare normal activity from abnormal and possibly malicious actions.
  • Regularly audit long-established processes looking for vulnerabilities as well as proper results from test data
  • Ensure that your organization has implemented cybersecurity measures to protect against identified malware exploits

Everyone stay safe out there!


 

Author: Glenn

President & CEO
MicroData