Small and medium-sized businesses (SMBs) contribute greatly to the global economy: SMBs represent more than 90 percent of all businesses worldwide, according to the World Trade Organization. A cyberattack can cause businesses to lose confidential information, funds, and valuable market share. Criminals are trying to reach their targets in many different ways.
For the SMB sector, it is all the more important to define the threats it faces – and how to prevent and detect them. Small businesses also consider cybersecurity incidents to be one of the most challenging types of crises.
According to eScan experts, SMBs can have a number of vulnerable points, and these give rise to several major cyberthreats they should be aware of.
1. Intentional data leaks by employees
A significant portion of remote workers used corporate computers for entertainment purposes during the pandemic, including playing online games, watching movies, or using e-learning systems – which continues to present a significant financial risk to companies. Two-thirds of employees say they wouldn’t return to the office, while the remainder claim to have a shorter work week, a trend that is here to stay.
Cybersecurity has improved since the pandemic and the adoption of remote work by organizations en masse. However, corporate computers used for entertainment remain an important way to gain initial access to a company’s network. Users encounter a variety of malware when looking for alternative sources to download a new episode or film, such as Trojans, spyware, and backdoors. Trojans harmed 35% of consumers who encountered dangers disguised as streaming sites, according to eScan statistics. If such software ends up on a company computer, attackers may even breach the corporate network and look for and steal sensitive data, including both business development secrets and personnel information, from that device.
There is also a propensity to blame former employees for potential data leaks. Only 50% of the executives of recently polled companies are certain that former employees cannot access company data stored in cloud services or use corporate accounts. A former colleague might not even be aware that they had access to a certain resource. But regulators could discover through a routine inspection that unauthorised individuals do in fact have access to private data, in which case a penalty would still be imposed.
Even if you are certain that you parted on good terms with everyone, that doesn’t necessarily mean the risk has ended. Can anyone confirm that they did not access work systems with an insecure or non-unique password, which attackers could try to guess? Any redundant access to a system, whether through a virtual machine, a collaboration environment, or work email, significantly increases the attack surface. Even a simple conversation between coworkers about unrelated matters could be targeted by social engineers.
2. DDoS attacks
Distributed Network Attacks (DNAs) are also known as Distributed Denial of Service (DDoS) attacks. This type of attack exploits the specific capacity limits that apply to any network resource, such as the infrastructure that powers a company’s website. The DDoS attack will send numerous requests to the targeted web resource in an effort to overwhelm its capacity to handle numerous requests and interfere with the website’s proper operation.
Organizations like banks, media assets, or merchants are usually targets of DDoS assaults, therefore attackers turn to a variety of sources to carry out their actions. The German meal delivery business Takeaway.com (Lieferando.de) was recently the victim of cybercriminals who demanded two bitcoins (about $11,000) to halt the traffic. Additionally, DDoS attacks on online merchants frequently increase around the holidays because that is when their customers are the most active.
Additionally, there is an increasing trend for gaming companies to expand. Early in August, an attack targeted the Final Fantasy 14 data centres in North America. Players encountered problems with connections, logins, and data sharing. Call of Duty, World of Warcraft, Overwatch, Hearthstone, and Diablo: Immortal were just a few of the multiplayer games that Blizzard has released.
3. Supply chain
If you are attacked through a supply chain, a service or programme you’ve used for a time has probably turned malevolent. These attacks are delivered through the outside parties a company works with; examples include financial institutions, logistics partners, and even food delivery services. Such actions can also differ in their intricacy or degree of destruction. For instance, hackers used ExPetr (also known as NotPetya) to take over the M.E.Doc accounting software’s automated update system and force it to distribute the ransomware to all users. ExPetr consequently infected both large and small firms, resulting in damages worth millions of dollars.
Recent examples that caught our attention were the DiceyF incidents that occurred in Southeast Asia. The primary targets were an online casino developer and operator, as well as a customer support platform, which were attacked in the style of Ocean’s Eleven. Or consider the SmudgeX incident, in which an unknown APT compromised a distribution server and replaced a legitimate installer with a Trojanized one, thereby spreading malicious PlugX throughout a South Asian country to all federal employees who had to download and install the new, required tool. Certainly, the IT support team in charge of the distribution server and the developers were impacted.
4. Malware
Malicious files can be found anywhere; if you download unauthorised files, make sure they won’t hurt you. The most current threats are encryption tools that target a company’s data, finances, or even the private information of its owners. To bolster this, it’s important to note that more than a quarter of small and medium-sized enterprises choose unlicensed or pirated software as a cost-saving measure. Such software might contain certain harmful or unwanted files that could harm business networks and systems.
Additionally, business owners need to be cautious of access brokers since in 2023, these groups will affect SMBs in a number of different ways. Cryptojacking clients, banking password thieves, ransomware, cookie thieves, and other troublesome software are just a few examples of their illegal access clients. One illustration is the spyware called Emotet, which targets enterprises all over the world and steals financial passwords. DeathStalker, a gang best known for its assaults on financial, legal, and travel institutions, is another organisation that preys on small and medium-sized organisations. The primary means by which the group achieves its objectives is through stealing trade secrets about legal cases involving high-profile individuals and significant financial holdings, competitive business intelligence, and insights into mergers and acquisitions.
5. Social engineering
Many businesses have shifted a large portion of their workflows online and mastered the usage of new collaboration technologies since the COVID-19 epidemic first emerged. Since more people are using Microsoft’s Office 365 suite in particular, it should come as no surprise that phishing is increasingly focusing on those user accounts. In order to fool corporate customers into entering their credentials on a website designed to seem like the Microsoft sign-in page, scammers have been using all kinds of cunning techniques.
We’ve discovered a lot of new tactics that phishing scammers are using to trick business owners, some of which can be pretty elaborate. Some people imitate lending or delivery businesses by spreading phoney websites or sending emails with bogus financial records.
Some attackers pose as trustworthy websites in order to take advantage of their victims; these websites may even be relatively well-known money transfer providers like Wise Transfer.
Another warning sign identified by eScan experts is a link to a page that has been translated using Google Translate. To get beyond cybersecurity measures, attackers employ Google Translate. According to the email’s senders, the attachment is some sort of payment paperwork that is only accessible by the recipient and needs to be read in preparation for a “contract meeting presentation and following payments.” The Open button link directs you to a website that Google Translate has translated. But the URL takes you to a bogus website that the attackers set up to rob their victims of their money.
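The Google Translate link pattern described above can be checked for in mail filtering. The following is an added example, not eScan code: it unwraps links that pass through Google Translate so the real destination can be evaluated. It assumes the common `*.translate.goog` host encoding (a dot becomes `-`, a hyphen becomes `--`) and the `translate.google.com/translate?u=` form; the sample message and all domains in it are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qs, parse_qsl, urlencode

URL_RE = re.compile(r"https?://[^\s\"'<>]+")
PROXY_SUFFIX = ".translate.goog"

# Constructed sample message body; every domain here is a placeholder.
SAMPLE_EMAIL = (
    "Please review the payment paperwork before the contract meeting.\n"
    "Open: https://pay-docs--portal-example.translate.goog/login?id=7&_x_tr_sl=auto&_x_tr_tl=en\n"
    "Mirror: https://translate.google.com/translate?sl=auto&tl=en&u=https://invoice.example/view\n"
    "Help: https://www.example.org/support\n"
)


def decode_proxy_host(host):
    """Turn 'pay-docs--portal-example.translate.goog' into 'pay.docs-portal.example'."""
    label = host[: -len(PROXY_SUFFIX)]
    # '--' stands for a literal hyphen, a single '-' stands for a dot.
    return label.replace("--", "\0").replace("-", ".").replace("\0", "-")


def unwrap_translate_url(url):
    """Return the real destination of a Google Translate link, or None if not wrapped."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    if host.endswith(PROXY_SUFFIX):
        # Drop the proxy's own _x_tr_* parameters, keep the site's parameters.
        kept = [(k, v) for k, v in parse_qsl(parts.query, keep_blank_values=True)
                if not k.startswith("_x_tr_")]
        dest = f"{parts.scheme}://{decode_proxy_host(host)}{parts.path or '/'}"
        return dest + ("?" + urlencode(kept) if kept else "")
    if host == "translate.google.com" and parts.path.startswith("/translate"):
        target = parse_qs(parts.query).get("u")
        return target[0] if target else None
    return None


def flag_translate_links(body):
    """List (wrapped_url, real_destination) pairs found in a message body."""
    findings = []
    for url in URL_RE.findall(body):
        dest = unwrap_translate_url(url)
        if dest:
            findings.append((url, dest))
    return findings


if __name__ == "__main__":
    for wrapped, real in flag_translate_links(SAMPLE_EMAIL):
        print(f"wrapped link -> {real}")
```

The unwrapped destination, not the Google hostname, is what should be passed to URL reputation checks.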
Cybercriminals will use any method at their disposal to contact their victims, including unauthorised software, phishing websites or emails, holes in the company’s security network, and even major DDoS attacks. However, a recent eScan survey revealed that 41% of SMBs have a crisis prevention plan. This suggests that these businesses care about cybersecurity and are aware of how difficult it can be to remediate an IT security incident. Ideally, this will lead to the implementation of trustworthy protective measures within these businesses.
eScan suggests the following measures to safeguard organisations against cyberattacks:
– Implement a strong password policy, requiring a typical user account’s password to contain at least eight characters, one number, capital and lowercase letters, and a special character. If you suspect that these passwords have been compromised, make sure you update them. Use a security solution with a feature-rich integrated password manager to put this strategy into action without making additional efforts.