Cyber security is one of the pillars to business success in the digital age. It doesn’t matter if you’re running a decade-old family business or starting a new company from scratch – you must pay attention to cyber security if you want a sustainable and profitable future for your endeavor.
Still not convinced? Here are some of the worst cyber security disasters involving startups and what you can learn from them:
Ever heard of the statistic: ‘60% of small businesses fail within six months after being hacked’? Code Spaces, a SaaS startup based in Coventry UK, is one of those small businesses.
According to reports, the company was beyond salvation after being targeted by a DDoS attack and then having their Amazon Web Services EC2 control panel hacked.
By refusing abide by the hacker’s demands, the company eventually lost most of their data, machine configurations, and backups.
One of the fatal mistakes that Code Spaces made was they clumped all their critical data in one platform – including their backups. They became too reliant on Amazon that the hacker only needed one access credential to put the entire business out of order.
If only they utilized a remote backup service or created multiple backups in more off-site locations, they should be more than capable of restoring their operations after a successful cleanup.
The idea behind the software is to provide business owners with actionable metrics based on their Quickbooks figures. The only problem was, founder Peter Justen and three senior officers, including their CTO, disagreed on whether they should sell the company or not.
Eventually, Justen had to fire all three officers – marking the beginning of the end for the entire enterprise.
According to reports, the former CTO created a number of backdoor access points to the MyBizHomepage application. After a series of cyber-attacks, they managed to completely sabotage the website and use the company’s very own email and Facebook accounts to smear Justen’s reputation.
The worst thing about MyBizHomepage’s case was that Justen had no proof of his former CTO’s existence. He had no credit card records, driver’s license, tax returns, or anything else that can be used to pinpoint his whereabouts.
Additionally, Justen clearly failed to develop a contingency plan before hastily firing three top-level officers, which would’ve prevented them from abusing their access privileges to put the company out of business.
Another strategy that would’ve worked is to use multi-factor authentication that utilizes biometric information such as fingerprints or facial features. This enables organizations to verify the identity of their members as well as discourage former employees to plot revenge.
And for a company like MyBizHomepage with a $100-million valuation, such additional steps in advancing cyber security would’ve been feasible.
After amassing around $15,000 in funding from their own savings and angel investors, Michael Hopkins and Cate Costa launched Onlyhonest.com to give internet users a chance to voice their political opinions via video.
But right before the company reaches its first year anniversary, their online platform was reportedly targeted by popular “hacktivists” known as Anonymous.
As a startup, remember that you need a proactive approach when it comes to online security. The good news is, companies today now have access to budget-friendly platforms like Cloudflare – a firm that’s capable of going toe to toe with the likes of Anonymous.
To be fair, OnlyHonest.com wasn’t a well-funded company like MyBizHomepage and Code Spaces. They never really prioritized digital security until after the Anonymous hacking incident.
Hopkins reportedly launched a crowdfunding campaign on RocketHub.com to rebuild the site with better security, but his attempt never really took off.
Jeremy Webb Blog | Startup Grind https://www.startupgrind.com/blog/learn-from-3-cyber-security-fails/