Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label SMBs. Show all posts
Tech Industry
Data Breach data security Hacker attack NordVPN Retail Industry SMBs Tech Industry

Why Small Businesses Are Major Targets for Cyberattacks and How to Defend Against Them

 

Recent research by NordPass and NordStellar, backed by NordVPN, has shed light on small private businesses being prime targets for cybercriminals. After analyzing around 2,000 global data breaches over two years, they found that retail and technology sectors, particularly small companies in the U.S., were highly attractive to hackers.  

Small- and medium-sized businesses (SMBs) are especially vulnerable due to limited cybersecurity resources and sometimes underestimating their value to hackers. Cybercriminals exploit common weaknesses like poor password practices, phishing attacks, and malware infections. Even technology firms—often thought to be well-protected—are at risk when human error allows hackers to bypass their defenses. 

One reason hackers favor small businesses is the prevalence of reused and weak passwords. Many attacks are untargeted; instead, hackers run credential-surfing or dictionary attacks across broad sets of data. When employee credentials are found in leaked databases, they provide easy entry points for cyberattacks, often resulting in financial and reputational damage that can be catastrophic for smaller firms. 

To protect against such threats, businesses are advised to adopt several practices. One essential tool is using a Virtual Private Network (VPN), which encrypts internet traffic, safeguarding remote employees who may connect via public Wi-Fi. This encryption layer prevents hackers from intercepting sensitive data, ensuring businesses and employees remain protected in various working environments. 

In addition to VPNs, companies can enhance security by employing password managers, which generate strong, unique passwords. Passwords are often the first line of defense, and using complex ones significantly reduces the risk of unauthorized access. Cybersecurity audits, ideally conducted by third-party experts, also play a vital role. These audits help uncover vulnerabilities and reinforce trust with customers by demonstrating the company’s dedication to data security. 

Employee training is another effective line of defense, as human error is a common cause of data breaches. Many incidents occur when employees fall for phishing scams or fail to follow security best practices. Regular cybersecurity training ensures staff are better equipped to recognize and avoid threats, thereby reducing potential risks. 

By implementing these protective measures, small businesses can better shield themselves from cyber threats. In today’s digital landscape, investing in cybersecurity isn’t just a precaution; it’s essential for the long-term viability of any business, big or small.
Read more »
Spoofing
Cyber Attacks Ransomware Sensitive data SMBs Spoofing

Why SMBs Have Become Easy Prey for Cyber Criminals

 



The global phenomenon of cybercrime is emerging. And the soft targets in this regard are the small and medium-sized business enterprises. Day after day, while a few cyberattacks on big corporations capture the headlines in the news, many SMBs experience similar attacks, but these never gain much attention. However, the damage inflicted on them can be just as debilitating as those affecting the large corporations.

Actually, SMBs are so vulnerable to cyber attacks for several reasons. For instance, most SMBs cannot afford to pay for professional and effective cybersecurity solutions. As compared to large businesses that budget millions of money for cybersecurity, SMBs only spend a small amount on the protection systems hence becoming easy targets. Small businesses usually have just a few IT staff who are not as skilled in dealing with the sophisticated nature of contemporary cybersecurity threats.

Another reason is that most SMB owners do not treat cybersecurity issues seriously enough. Cybersecurity is rarely on their priority list, and owners give more attention to ready operational issues rather than long-term digital security. In this area of complacency, the wide open window to many cyber threats, including phishing attacks, malware, and ransomware attacks, counts in favour of SMBs.


Cyber Threats Amongst SMBs

Among other problems facing SMBs is ransomware. Attackers of ransomware attack by locking or exfiltrating the company's valuable data. They then send messages demanding payment for the access to the data again. In the absence of proper data backup, an SMB will be caught between a rock and a hard place-to pay the ransom or to lose all the data.

Besides the ransomware, phishing attacks targeting SMBs involve hackers impersonating legit sources for extracting sensitive information. Malware and spoofing attacks may alter or camouflage digital communications to deceive the users.

In addition, cybercriminals often use SMBs as stepping stones to access larger businesses that they associate themselves with. Therefore, hackers can leverage any security loopholes in an SMB to their bad books by using such information to act against larger attacks.


Why Cybercriminals Prefer Targeting SMBs

Cybercriminals focus on SMBs as these are comparatively softer targets. Small organisations are unlikely to be as advanced in cybersecurity matters as big ones. Although they are applying widely used tools like Microsoft Excel, Outlook or cloud services, SMBs often fail to secure those platforms properly.

Furthermore, cyber attackers know that vulnerabilities in SMB systems may eventually find a way into more harmful attacks. For example, if the attackers succeed in stealing all the client or customer data in SMBs, they can use the same stolen information at later dates to link it with other available stolen information in conducting even more devastating cyberattacks.


How Small and Medium Businesses Can Avoid Cyberattacks

Small and medium-sized organisations will need to be proactive in preventing cyberattacks. Although investment in cybersecurity software is important, it is more than this. A good starting point would be implementing some easy security protocols, such as email authentication and spam filters, but training employees on the warning signs and what to do can make all the difference.

For example, one important step that an SMB must take is the development of a cybersecurity plan. The plan should detail the procedures for maintaining access and properly handling sensitive data, including permission management and regularly backing up important files. The IT departments of the SMBs need to be very vigilant with the monitoring of access to cloud-based and locally stored data, protecting it from unauthorised access.

Since SMBs can no longer claim to be immune from cyber threats, in the digital world of today, the SMBs must crack down and invest in measures aimed at protecting their businesses against cyber threats. Make haste to ensure that appropriate security measures are put in place and guard themselves against potentially costly cyberattacks that could jeopardise their operations and reputation otherwise.


Read more »
SMBs
Australian Businesses Australian Government Cyber Security cyber threat Small Businesses SMBs

Australian SMBs Faces Challenges in Cyber Security


The internet has turned into a challenge for small to midsize businesses based in Australia. In addition to the difficulty of implementing innovative technology quickly and with limited resources because of the rate of invention, they also face the same cyberthreats that affect other organizations. Then, as 60% of SMBs close following a breach, companies that are breached are likely to fail later.

This has raised concerns of the regulators. 

According to a recent report by ASIC, ‘medium to large’ business firms are recently been reporting severe cyber security capabilities in comparison to other organizations, including supply chain risk management, data security, and consequence management.

In response to the aforementioned threats, the Australian government has announced an AU $20 million package to boost small businesses. An optional cyber "health check" program is being established as part of this to assist small business owners in assessing the maturity of their cyber security. A Small Business Cyber Resilience Service, which will offer a one-on-one service to assist small firms in recovering from a cyber assault, will also receive $11 million of the package. 

This initiative will focus on areas where SMBs are the most vulnerable. However, small firms will also need to take it upon themselves to place a lot greater emphasis on resilience than they have been doing in the face of growing cyber threats. 

The Risk in Numbers 

The ASIC research analysis found that small businesses are only slightly more effective than half of their medium and big counterparts in several areas, such as identifying threats and overcoming them.

The significant percentages of small businesses are as follows:

  • Do not follow or benchmark against any cyber security standard (34%).
  • Do not perform risk assessments of third parties and vendors (44%).
  • Have no or limited capability in using multi-factor authentication (33%)./ Do not patch applications (41%).
  • Do not perform vulnerability scans (45%). Do not have backups in place (30%).

The Cost to Small Business

The Annual Cyber Threat Report 2022-23 published by the Australian Signals Directorate reveals that the average cost of cybercrime has increased by 14% over the past year. Small firms paid $46,000, medium-sized organizations paid $97,200, and bigger enterprises paid $71,600.

Of course, that is a financial burden for any business, but it seems to be especially harmful for SMBs. Approximately 60% of small firms that experience a breach ultimately go out of business as a direct result of it.

These organizations face a real existential threat from cyber security. Even those who manage to escape the breach's direct costs still have to deal with the harm to their reputation, which can cost them partners and customers as well as short-term cash flow. In the best-case scenario, a cyberattack "just" prevents the small business from expanding and growing.

What can Small Businesses do? 

After identifying the restrictions on resources available to small businesses, the ASD and Australian Cyber Security Centre have designed the Essential Eight, a set of best practices for security and small enterprises. These are as follows:

  • Creating, implementing and managing a whitelist of approved applications. 
  • Implementing a process to regularly update and patch systems, software and applications.
  • Disabling macros in Microsoft Office applications unless specifically required, and training employees not to deploy macros in unsolicited email attachments or documents. 
  • Securing the configuration of web browsers to prevent harmful content, hence hardening user applications. Keeping browser extensions up to date and only using those that are required.
  • Restricting administrative privileges to those who need them. 
  • Configuring operating system patching through automatic updates.
  • Using strong, unique passwords and enabling multi-factor authentication. 
  • Isolating backups from the network and performing daily backups of important data.  

Read more »
Threat actors
Cyber Attacks Huntress SMB Report Malware Free Attacks RMM Software SMBs Threat actors

SMBs Witness Surge in ‘Malware Free’ Attacks


According to the first-ever SMB Threat Report from Huntress, a company that offers security platforms and services to SMBs and managed service providers (MSPs), the most common threats that small and medium businesses (SMBs) faced in Q3 2023 were "malware free" attacks, attackers' growing reliance on legitimate tools and scripting frameworks, and BEC scams.

“Malware Free” Attacks on the Rise

In 44% of cyberattack incidents, attackers tend to deploy malware. However, in the remaining 56% of events, scripting frameworks (like PowerShell) and remote monitoring and management (RMM) software were used along with "living off the land" binaries (LOLBins).

The increased use of RMM software has turned out to be a concerning trend that is challenging to reverse.

“At the SMB level, LOLBin use is especially concerning given the state of monitoring and review for many organizations. Many critical entities—from local school districts to medical offices—may find themselves at best leveraged for cryptomining or botnet purposes, and at worst, the victims of disruptive ransomware,” the researchers noted.

The researchers notes that in over 65% of security incidents, threat actors utilize RMM software as their methods for persistence or remote access mechanisms following the initial access to the victim user's system.

Since RMM tools are largely used as legitimate software, in case they are used for any intrusion purpose, they can readily evade anti-malware security and blend in with the environment when employed for infiltration purposes. Additionally, few small businesses audit the use of RMM tools.

“In some cases, Huntress has observed adversaries diversifying among several RMM tools, such as using a combination of commercial and open-source items, to ensure redundant access to victim environments,” the researchers noted. “Therefore, monitoring RMM tool use and deployment within defended or managed environments is an increasingly important security hygiene measure to ensure owners and operators can identify potential malicious installations.”

Additional Findings

Affiliates of ransomware and operators of business email compromise (BEC) persist in their targeting of end users through the use of phishing.

Notably, malicious forwarding or other inbox rules were engaged in 64% of identity-focused assaults that SMBs faced in Q3 2023, while logins from strange or suspect places were linked to 24% of these attacks.

“While the ultimate goal of such activity remains, in most cases, BEC, defensive visibility and adversary kill-chain dependencies mean these actions are largely caught at the account takeover (ATO) phase of operations,” the experts concluded.

In 2023, Qakbot-related cybersecurity incidents have declined, with this downward trend anticipated to continue.

The findings further note that 60% of ransomware incidents were caused by uncategorized, unknown or "defunct" ransomware strains. This demonstrates a variation in the kind of ransomware frequently observed in corporate settings, where "known-variant ransomware deployments" are the primary target.

“Whether for monetization purposes through ransomware or BEC, or potentially even state-directed espionage activity, SMBs remain at risk from a variety of entities,” the researchers added. 

The researchers further raised concerns towards the adversaries that are exploiting the gaps in  users’ visibility and awareness over evading security controls. While spam filtering and a solid anti-malware program used to be enough for a small business to "get by," the current threat landscape makes these straightforward efforts inadequate.


Read more »
SMBs
CISA Cyber Securities Cyberattacks IIT Small Businesses SMBs

Cybersecurity Experts are Scarce for Companies and SMBs

 


In 2023, more than half of small and midsized businesses (SMBs) intend to increase their expenditures on cybersecurity — which is a positive development since six out of ten firms (61%) do not have cybersecurity staff, about half (47%) do not have incident response plans, and 40% do not conduct formal awareness training on cybersecurity. 

A study by Huntress of IT professionals at small and medium-sized businesses with 250 to 2,000 employees published on March 15 indicates that although many of the respondent organizations have deployed a range of cybersecurity products, they found that they are not the only ones. Even though they tend to ignore basic defensive measures (email security (86%), endpoint protection (79%), and network protection (73%), the US Cybersecurity and Infrastructure Security Agency (CISA) recommended recently that workers supplement their password security with two-factor or multiple-factor authentication as a means of strengthening their password security.  

As a result of their lack of preparation, understaffing, and/or under-resourcing, a majority of these companies feel unprepared or under-resourced to respond to evolving threats. Many of these businesses face difficulties obtaining cybersecurity insurance coverage and ensuring their employees are properly trained on security issues. According to Huntress' report, several midsize companies know multiple cybersecurity layers are necessary. However, there are significant gaps in the tools and planning processes used by these businesses. 

Additionally, a full third of the respondents (34%) said they are unaware of advanced threats and do not believe they could detect them. 

According to Roger Koehler, CISO at Huntress, a substantial percentage of individuals are unaware that their identities have been targeted. For these organizations to remain protected, visibility is of the utmost importance. This is because malicious actors can spend weeks or even months sitting in their networks, gaining footholds, and gathering information to perform their attacks. 

According to the Huntress study, 14% of respondents in this business segment confirmed having experienced an attack within the last year. There was also 10% of IT professionals unsure whether there had been a cyberattack during the survey period. In the United States, there are about 6 million companies between the ages of 250 and 2000 that employ 250 to 2,000 people. Those numbers add up pretty quickly. 

Cyber Spending is Expected to Increase 

It was interesting to read that Huntress also found that 49% of organizations are planning to spend more money on cybersecurity in the upcoming year. This is to meet the staggering need for increased knowledge and preparedness in the cybersecurity arena. A proactive approach to cybersecurity on the part of such a large number of small and medium-sized businesses is encouraging, Koehler says, rather than simply reacting to attacks as they occur. As a result, the biggest challenge in spending that budget will be finding the right employees within the organization. 

"It seems that middle-sized businesses are not just waiting for an attack to occur and subsequently reacting to them, but are investing in preventative measures so that these attacks can be prevented before they ever take place," Koehler says. As well as having the right people on your team, midsize businesses could benefit from having the right people to deal with attacks.  It is estimated that there are 700,000 cybersecurity jobs available as of the end of last fall, which is an increase of 43% from the end of 2021. Finding cybersecurity professionals in high demand is becoming increasingly difficult with the increase in burnout and dissatisfaction among cyber professionals. 

Managed cybersecurity services will experience significant growth in the coming years, thanks to the combination of stronger budgets and a stronger market for talented cybersecurity professionals. An analysis by McKinsey published in October concluded that this is the case. Consultants for the company believe that managed security service providers will be able to capture the majority of market share, as well as security-and-operations management projects.

According to McKinsey's analysis, over the next two years, its forecasted shift of allocated security spending to internal compared to third-party services is expected to increase across all segments of the market. Whenever talent is an issue, companies will need to turn to outsourced services when it comes to achieving strong security results, as long as talent remains a challenge. 
Read more »
Subscribe to: Posts (Atom)