4 Reasons Hackers are Targeting the Cannabis Industry

4 Reasons Hackers are Targeting the Cannabis Industry

click photo for more information
4 Reasons Hackers are Targeting the Cannabis Industry
The cannabis industry holds a treasure trove of customers’ private information and business intelligence. This makes your business a prime target for cyber-attacks and/or surveillance, as both hackers and other entities are clamoring to acquire this treasure. Turn on the news, pick up a newspaper or read your social media feed—and you are certain to […]
0
26

The cannabis industry holds a treasure trove of customers’ private information and business intelligence. This makes your business a prime target for cyber-attacks and/or surveillance, as both hackers and other entities are clamoring to acquire this treasure.

Turn on the news, pick up a newspaper or read your social media feed—and you are certain to learn of the latest cyberattack. Hackers who previously targeted corporations now set their sights on the SMB (Small to Mid-Size Business). We’ll explore the problems (and the process) needed to become secure, and the importance of allocating resources to protect customer and business data. By the end of the article, you’ll understand why it is so important to take cybersecurity seriously.

The proverbial ‘SMB Mistake’

Whenever I speak to SMBs about the importance of cybersecurity, the question I’m often asked is: “Why would a hacker want to break into my system?” At which point I think to myself, “The same reason a bank robber would want to break into a bank… because there is value inside.”

Unfortunately, all too often the first mistake many SMBs make is underestimating the value of their data. When a bank considers securing their facility, they hire experts to assess their weaknesses and apply the necessary measures to mitigate risk, protect assets, and respond to robberies. Risk mitigation measures may include security cameras and guards(and not the Barney Fife-Type guard from Mayberry, who carried one bullet in his holster; but real, 45-caliber-carrying, scary-looking, 250-pound, muscle-bound, crossfit-looking, former Navy SEAL-type guards), while protection devices could be locking mechanisms and vaults, and response procedures could include triggering a lockdown.

Today I will cover four reasons why (and how) hackers target the cannabis industry, and methods used to exploit the vectors mentioned.

Sit back and relax as we delve into the underworld of cyberspace.


Real-World Example:

As detailed in the video below, in January of 2017 it was reported that MJ Freeway, a Denver company (whose “seed-to-sale” tracking software is used by hundreds of cannabis companies to comply with state regulations) was compromised by a cyberattack.

Learning objective:

Hackers will often target less secure applications to gain access into a company’s network. It is imperative that software/application developers keep their applications updated and develop with the latest security measures in mind. Failure to do this will result in more compromised networks. This will put both your business and customer data at risk. Keep this in mind when looking to purchase third-party software to run your business.


#1 Valuable Information

Remember the first mistake, that SMBs underestimate the value of their data? Well, this statement rings true throughout the entire SMB market and is not relegated only to the cannabis industry. You do not have to be a large corporation to house valuable data.  And just because you are a large corporation doesn’t mean your data is more valuable than small business data.

As acceptance of the cannabis industry becomes more mainstream, the amount of data on the systems used to run the business will grow exponentially. Consider the abundance of information stored on your systems at any given time:

  • Patient Information
  • Order History
  • Intellectual Property
  • Research & Development
  • Customer/Patient Names
  • Addresses
  • Dates of Birth
  • Phone Numbers
  • Driver’s License Numbers
  • Social Security Numbers
  • Medical Information
  • Credit Card Numbers
  • Transportation & Route Information
  • VIN Numbers
  • License Plate Numbers
  • …and more

“The first mistake made by SMBs is that they underestimate the value of their data.”

Personal Identifiable Information (PII) is defined by the U.S. Government as any data that could potentially identify a specific individual. Any information that can be used to distinguish one person from another and can be used for de-anonymizing anonymous data. Think names, SSNs, Birth Dates, Addresses, etc.

Protected Health Information (PHI) is defined by the U.S. Government as any information about health status, provision of healthcare, or payment for healthcare that is created or collected by a covered entity (or a business associate of covered entity) and can be linked to a specific individual. Think patient name, address, certification/license numbers, medical record numbers, health related information, account numbers, SSNs, etc.

Government mandates have been enacted to ensure that both PII and PHI of consumers is protected, secured and kept private. The two most prevalent of those mandates being the Payment Card Industry Data Security Standards, or PCI-DSS (which states that any business responsible for accepting, processing, transmitting, or storing credit card information must adhere to the PCI-DSS for data security) and the other being the Health Insurance Portability and Accountability Act, or HIPAA (which ensures the security of protected health information and electronic health records).

And we must not forget Business Intelligence. This is information related to the operation of the business that, if compromised, could cause irreparable damage. Think research and development, inventory, potency, homogeneity, , solvent analysis, microbial and pesticide data, software applications used in the business, payouts, manifests, equipment, sales, etc.

As you can see, the cannabis industry stores a lot of valuable information that could prove very profitable to an attacker.

#2 Multiple Points of Entry

Just as a bank may have multiple doors from which customers enter, or even a ventilation system that could be used to gain access (like Tom Cruise in Mission Impossible), your network has multiple points of entry from which a hacker could gain access. In the cybersecurity field, we refer to these as attack vectors, and there are many. I’m listing the more popular ones below to give you an idea of how a hacker may compromise your system:

  • Email: The #1 entry point into your network is also often difficult to discern between real and fake. They may contain a malicious attachment, a link to a malicious website, or an attachment that contains a malicious link embedded within it.
  • USB Devices: Be cognizant and ensure external devices are scanned for viruses regularly. Inserting an infected device into your computer can compromise your entire network.
  • Mobile Devices: Staff who connect personal laptops to the company’s network or who use company laptops on their home network put the security of your data at risk. Also consider your policy on mobile devices (phones, iDevices, etc.) as the new BYOD (Bring Your Own Device) workplace has become a hotbed for hackers.

These are but a few of the more popular methods by which a system can be compromised. Implementing mature countermeasures to thwart these types of attacks will mitigate your risk and thereby enable an effective and efficient response.


Real-World Example:

In February of 2018, Washington State’s marijuana traceability application was hacked. The intruders were able to access and steal route information, manifests and vehicle transport information such as license plate and VIN numbers.

Learning objective:

Besides theft of customer information, hackers will compromise networks to steal business intelligence. Whether to sell on the Darkweb, to sell to your competitor, or for their own personal gain, there are numerous reasons to steal this information.  Having a mature security posture in place that can detect these attacks is a key element in keeping your data secure and free of prying eyes.


#3 Immature Security Posture

Unfortunately, when it comes to cybersecurity, companies fail to invest the necessary capital needed to ensure the security of their digital assets. From fortune 100 companies to the SMB, this problem transcends the size of the company. Now, consider the cannabis market: an industry in its infancy with regards to mainstream acceptance and an established IT Security infrastructure. If large corporations face resource challenges, it’s fair to say that the cannabis industry will experience similar challenges.

#4 Untrained, Underfunded or Understaffed Security Team

The cybersecurity industry is currently challenged with a shortage of qualified individuals to combat, defend and respond to the number of threats. Therefore, supply and demand logic dictates that where there is a low supply within a high-demand economy, prices of that product or service will increase. As such, security professionals command high (six-figure) salaries, constant training to keep skills relevant, and resources/tools to do their jobs. This is a huge expense for a company.

What to do

So what can you do? First and foremost, I hope that you have a better understanding of why the cannabis industry makes for a good target. Secondly, I hope that you take action. Here are some recommendations for establishing a solid cybersecurity posture:

  • Keep systems and applications patched and updated

This is one of the most overlooked areas of data security. Hackers exploit vulnerabilities. Vulnerabilities are fixed by patches/updates.

  • Install a good anti-virus (AV) program

Although it should be augmented with other solutions, having a good AV solution is considered one of the first steps in securing your data.

  • Implement User & Entity Behavior Analytics (UEBA)

Many of today’s threats can bypass the best anti-virus solutions. Having a mature UEBA capability will enable your staff to be alerted on those threats that get past your AV and/or those zero-day threats that AVs do not yet know about.

  • Integrate a Security and Information Event Management (SIEM) Platform

A SIEM is an application/platform that will ingest all your security logs from each of your devices and applications, apply sophisticated algorithms, and make intelligent decisions to alert your as to the state of your network, and if you have been compromised.

  • Monitor your network 24x7x365 via a Security Operations Center or other means

In my 30 years in Information Technology and security, I have YET to hear a hacker say, “Okay guys—pack it up. Everyone is gone for the day. Let’s pick it up tomorrow where we left off.” The reality is, attacks are happening throughout the day and into the night, every day, every night, all year, every year. Therefore, the state of your network must be monitored accordingly.

  • If you do not have the resources to hire in-house staff to manage the above recommendations, outsource it to a reputable MSSP.

Businesses must understand that investing in cybersecurity is no longer an option. It is a necessity, and as such, needs to be included when making financial and resource allocation decisions. Failure to invest securing your data will result in not only a compromise of your network, but loss of data, customer trust, revenue, fines, etc. MSSPs provide an affordable way for businesses to address this problem.

Conclusion

The cannabis industry stores tons of valuable information that is very lucrative to attackers. Hackers will steal this information through various means, utilizing multiple attack vectors as entry points. They will use everything at their disposal to take advantage of the immature security posture of the industry by exploiting vulnerable systems.

Unfortunately (and by no fault of the owner or staff), many of these systems are being monitored by untrained staff, or not being monitored at all. And while data security is not a focal point of business owners within the industry, certain aspects and stages of the supply chain are subject to government security compliance standards. For example, if you accept credit cards, you are required to follow the PCI-DSS. If you store patient/medical information, you are subject to follow the standards set forth by the HIPAA.

We envision a more secure industry through education and implementation, as well as the protection and privacy of data belonging to both the consumer and the business.  BLAZE is a Managed Security Service Provider (MSSP), providing affordable cybersecurity solutions to the cannabis industry. We manage all data security and government compliance requirements, as we ensure the security and compliance of customer’s private information as well as your business intelligence.

About the Author

MITCH HARRIS is a former government cyber-intelligence and counter-surveillance expert. He has worked matters of national security for almost every three-letter agency within the federal government. In 2003 his family was delivered devastating news as a loved one was diagnosed with Lymphoma/Cancer. For two years he watched her suffer before succumbing to the disease in 2005. Compelled to research alternative methods, Mr. Harris discovered the healing properties of cannabis. In 2013 his family was once again blindsided with life-altering news as another loved one was diagnosed with the disease. Determined not to have history repeat itself, he suggested cannabis as a supplemental treatment and pain reliever. That loved one is not only managing their pain, but has lived cancer-free for the past five years. Wanting to give back to the industry that had given him so much, Mitch subsequently left the federal government – leveraged his training, expertise & knowledge and started BLAZE Cybersecurity. As president of BLAZE, his mission is to help foster the growth of the industry through securing the integrity and privacy of the data, intellectual property, and business intelligence needed for cannabis businesses to be successful.

For more information on BLAZE, visit our website or drop us an email. And be sure to follow us on social media.

The post 4 Reasons Hackers are Targeting the Cannabis Industry appeared first on Dope Magazine | Cannabis News and Reviews.

Source

4 Reasons Hackers are Targeting the Cannabis Industry

Comments

Comments are disabled for this post.

Position statement: Avoid using medical marijuana to treat sleep apnea: Sleep apnea should be excluded from state medical cannabis programs — ScienceDaily

click photo for more information
Position statement: Avoid using medical marijuana to treat sleep apnea: Sleep apnea should be excluded from state medical cannabis programs — ScienceDaily
Medical cannabis and synthetic marijuana extracts should not be used for the treatment of obstructive sleep apnea, according to a position statement from the American Academy of Sleep Medicine (AASM). In November 2017 the Minnesota Department of Health announced the decision to add obstructive sleep apnea as a new qualifying condition for the state’s medical […]
1
1

Medical Cannabis Petition Fails; Seven Measure Go to Statewide Vote – Dakota Free Press

click photo for more information
Medical Cannabis Petition Fails; Seven Measure Go to Statewide Vote – Dakota Free Press
As expected, the medical cannabis initiative has failed to make the ballot. Yesterday Secretary of State Shantel Krebs rejected the petition submitted by Angie Albonico, Melissa Mentele, and New Approach South Dakota asking for a statewide vote on legalizing the use of cannabis for medical purposes. Secretary Krebs counted 15,157 signatures on the petition, 8.4% […]
0
1

The Netherlands Bans Public Cannabis Consumption in This City Centre

click photo for more information
The Netherlands Bans Public Cannabis Consumption in This City Centre
Controversy over public cannabis consumption is brewing again in the Netherlands. This time, however, it’s not the nation’s famed “coffee shops” that are in hot water. Rather, it’s their noisy English-speaking clientele, who’ve apparently been annoying enough to prompt one city to take action. Responding to mounting complaints from residents, The Hague has put the […]
0
2

Australian Greens announce push to legalise cannabis

click photo for more information
Australian Greens announce push to legalise cannabis
‘Cannabis use is a reality in Australia, let’s just legalise it’ Read More
0
1

Cannabis, Compassion and Culture: Ladybud Is Back from Break

click photo for more information
Cannabis, Compassion and Culture: Ladybud Is Back from Break
Share this with your friends Time has a way of slipping forward ruthlessly, no matter our best intentions. In some ways, it seems like only yesterday that Ladybud was publishing every weekday. In the meantime, many of the people involved with the publication have begun doing incredible things, like the Ladybud Show livestream podcast. During […]
1
3

Canadian cannabis companies find funding alternative with debt financing

click photo for more information
Canadian cannabis companies find funding alternative with debt financing
Canada’s capital-hungry cannabis companies are increasingly turning to debt financiers to fuel growth as the country marches toward legalization late this summer. With no marijuana sales yet and lingering regulatory hurdles, some lenders – namely the big banks – have been hesitant to step in. That has allowed firms like Cannabis Wheaton, CannaRoyalty’s Trichome Yield […]
0
5

Cannabis for Beginners – Here’s Where You Start

click photo for more information
Cannabis for Beginners – Here’s Where You Start
Are you new to cannabis? Are you interested in revisiting cannabis after stepping away from it during your younger years? Are you unsure of where to start? Look no further than Civilized’s new video series “Cannabis for Beginners” with founder Derek Riedle. Cannabis culture and consumption has changed dramatically over the last few decades. More states […]
0
1

Cannabis for Beginners – Here’s Where You Start

click photo for more information
Cannabis for Beginners – Here’s Where You Start
Are you new to cannabis? Are you interested in revisiting cannabis after stepping away from it during your younger years? Are you unsure of where to start? Look no further than Civilized’s new video series “Cannabis for Beginners” with founder Derek Riedle. Cannabis culture and consumption has changed dramatically over the last few decades. More states […]
0
1

Milk Makeup Launching a Kush Mascara With Cannabis Oil

click photo for more information
Milk Makeup Launching a Kush Mascara With Cannabis Oil
Milk Makeup is launching a Kush Mascara, which contains cannabis oil, on April 20. The cannabis oil acts to fuse the mascara’s heart-shaped fibers to lashes. Read More
0
1

Rohrabacher works new cannabis bill following Trump pledge (Newsletter: April 17, 2018)

click photo for more information
Rohrabacher works new cannabis bill following Trump pledge (Newsletter: April 17, 2018)
McConnell fast-tracks hemp bill; PA approves whole-plant medical marijuana; Senator debates anti-legalizer  to receive Marijuana Moment’s newsletter in your inbox every weekday morning. It’s the best way to make sure you know which cannabis stories are shaping the day. Your support makes Marijuana Moment possible… Thank you so much to the growing number subscribers who […]
13
9

What John Boehner’s Pivot On Cannabis Tells Us About The Legal Weed Boom : Code Switch : NPR

click photo for more information
What John Boehner’s Pivot On Cannabis Tells Us About The Legal Weed Boom : Code Switch : NPR
A passer-by examines a cannabis sample at the New England Cannabis Convention held in Boston back in March. Some polls show that six in 10 Americans favor marijuana legalization. Steven Senne/AP hide caption toggle caption Steven Senne/AP A passer-by examines a cannabis sample at the New England Cannabis Convention held in Boston back in March. […]
0
15

Pa. Approves Sale of Dry Medical Marijuana, Use of Cannabis to Treat Opioid Withdrawal – Philadelphia Magazine

click photo for more information
Pa. Approves Sale of Dry Medical Marijuana, Use of Cannabis to Treat Opioid Withdrawal – Philadelphia Magazine
City Pa. Approves Sale of Dry Medical Marijuana, Use of Cannabis to Treat Opioid Withdrawal Here’s what the means for the state’s medicinal cannabis industry. Those who are registered for the state’s medical marijuana program will soon find a new product on the market: dry leaf and flower. The state greenlighted the sale on Monday, with […]
0
9

Colorado occupations where people use the most cannabis

click photo for more information
Colorado occupations where people use the most cannabis
The Colorado Department of Public Health and Environment released a study that lists the occupations in which marijuana use is the most common. Read More
1
6

Israeli Medical Cannabis Firm Signs Deal To Sell 5 Tons Of Cannabis Oil In Canada

click photo for more information
Israeli Medical Cannabis Firm Signs Deal To Sell 5 Tons Of Cannabis Oil In Canada
April 16, 2018 | Israeli cannabis company Together Pharma has announced that its subsidiary Globus Pharma, specializing in the medical cannabis sector, has signed a Memorandum of Understanding (MOU) to sell medical cannabis or oil to an unnamed Canadian company with a license to grow, product and import medical cannabis, a statement from the Israeli […]
0
12

Friendlier Feds Change the Game for Cannabis Stocks

click photo for more information
Friendlier Feds Change the Game for Cannabis Stocks
Until last week, the most important news to date for the cannabis industry, in my view, was the 2013 Cole Memorandum, which gave the green light to Colorado and Washington to move forward with cannabis legalization. The memorandum specified eight priorities for Department of Justice attorneys with respect to enforcement of the Controlled Substances Act […]
0
7

Hemp Is the Multibillion-Dollar Cannabis Opportunity Few Have Heard About

click photo for more information
Hemp Is the Multibillion-Dollar Cannabis Opportunity Few Have Heard About
April 17, 2018 6 min read Opinions expressed by Entrepreneur contributors are their own. That $100 million could soon be going back to American farmers and businesses, thanks to the recent introduction of the Hemp Farming Act of 2018 by Senate Majority Leader Mitch McConnell (R-KY). The bill, announced by McConnell and supported by a […]
0
19

Healthy Cannabis Roots Equal Bigger Marijuana Yields · High Times

click photo for more information
Healthy Cannabis Roots Equal Bigger Marijuana Yields · High Times
One of the single most important factors of how well a marijuana plant will grow, and how much it can yield, is the health and strength of its root system. Below the surface of your growing medium, the root mass is comprised of a tangled web of roots that store sugars and starches (cannabis plant […]
172
14

Lamar Odom Is Starting A New Business Venture In The Cannabis Industry

click photo for more information
Lamar Odom Is Starting A New Business Venture In The Cannabis Industry
#Roommates, #LamarOdom may no longer be in the NBA, but he’s finding ways to keep busy! According to @USAToday, Lamar is creating a new line of marijuana-infused products for growing markets where weed is legal. Lamar has been very open Read More
259
13

Will Herbert’s opposition to the medical cannabis initiative have an impact? Our ‘Political Insiders’ don’t think so

click photo for more information
Will Herbert’s opposition to the medical cannabis initiative have an impact? Our ‘Political Insiders’ don’t think so
Polls show that more than 3/4 of Utahns support a proposed ballot initiative to legalize medical cannabis. Despite that overwhelming support, Gov. Gary Herbert recently said he would “actively oppose” the ballot initiative. Our “Political Insiders” say Herbert’s opposition to legalizing medical marijuana won’t make much difference if the initiative makes the ballot in November. […]
0
14

American Chemical Society Offers Scholarship For Cannabis Chemists

click photo for more information
American Chemical Society Offers Scholarship For Cannabis Chemists
Cannabis enthusiasts aren’t top of mind when people think about scholarly go-getters, but the American Chemical Society doesn’t buy the stereotype. The nonprofit organization, which turns 141 years old today, April 6, founded its Cannabis Chemistry Subdivision in 2015. Now, it wants more brains to get in the mix. The Cannabis Chemistry Subdivision awarded its first […]
0
40

How To Treat Eczema With Cannabis · High Times

click photo for more information
How To Treat Eczema With Cannabis · High Times
Cannabis has an ever-growing list of medical applications. In the 29 states with medical marijuana programs, dermatologists are explaining to patients with skin conditions, such as eczema, that cannabis can be an effective, and all-natural treatment. Here’s a definitive guide on how to treat eczema with cannabis. Eczema: A Brief Overview Eczema is the overarching name […]
105
45

Seattle cafe to offer cannabis-infused lattes

click photo for more information
Seattle cafe to offer cannabis-infused lattes
The lattes will be made with cannabis’ calming non-psychoactive, so the drinks’ won’t make you high – just chill you out. Read More
192
26

Death Count From Synthetic Cannabis Consumption Keeps Rising

click photo for more information
Death Count From Synthetic Cannabis Consumption Keeps Rising
Despite efforts from law enforcement, the death count from synthetic cannabis consumption keeps rising in Illinois. The latest victim to fall prey to the dangerous chemical cocktail was a young woman who died on March 28. Although officials have not yet determined the 22-year-old’s cause of death, her autopsy revealed the tell-tale signs of poisoning […]
18
19

Harvest One Debt-Free with Cash Balance at $80 Million after Debt Conversions – New Cannabis Ventures

click photo for more information
Harvest One Debt-Free with Cash Balance at $80 Million after Debt Conversions – New Cannabis Ventures
Visit the and stay up to date with data-driven, fact based due diligence for active traders and investors. Harvest One Converts all Outstanding Debentures to Ordinary Shares and Maintains $80m Cash Position VANCOUVER, April 5, 2018 /CNW/ – Harvest One Cannabis Inc. (TSXV:HVT) (“Harvest One” or the “Company”) is pleased to announce that, further to […]
33
37

New Survey Suggests Most Seniors Support Medical Cannabis

click photo for more information
New Survey Suggests Most Seniors Support Medical Cannabis
by Addison Herron- Wheeler | According to a , most older folks support medical cannabis as long as a doctor recommends it. The survey makes the distinction that while most seniors are not prescribed medical cannabis, they are not opposed to it, either, as long as it is under a doctor’s orders. Four out of five […]
18
65

Irish Psychiatrist Claims Cannabis ‘Does More Damage To Humans Than Any Drug That Is Out There’

click photo for more information
Irish Psychiatrist Claims Cannabis ‘Does More Damage To Humans Than Any Drug That Is Out There’
A psychiatrist at the Irish Medical Organisation claims cannabis has no medical worth and is a highly dangerous substance. Read More
5
14
load more posts