Why are small businesses targets for cyber-attacks?
Updated Mon, January 30, 2023 1:13 EST
When it comes to terms like cybersecurity and cybercrimes, people think about large corporations only. However, when you look closely at recent cybercrime data, you will be shocked to discover that small and medium-sized businesses (SMBs) are even the targets of cybercriminals. Approximately 60 % of the attacks are targeted at SMBs. 61 % OF SMBs reported at least one cyber-attack in the last year. In comparison, 43% accounted for small businesses attacked by cybercriminals. 93% of the attacks took less than a minute to compromise the system.
National Crime Agency (NCA) and National Cyber Security Centre (NCSC) reported how the cybercrimes and scale of attack increased exponentially during the Covid-19 pandemic.
Now, the question that arises is why cybercriminals are targeting SMBs? And how do the small business owners protect themselves from this threat?
SMBs – the low hanging fruits
Smaller businesses are generally not well-equipped when it comes to IT security. Factors such as lack of resources, workforce, and complacency contribute to this. They have a wrong notion that because of the small size of operations, they will not invite attention from the hackers and, as a result, be safe from malicious attacks. But the reality is that because they are not well-equipped, hackers know they are soft targets and easy to infiltrate their systems.
Cybercriminals keep changing their strategies and target victims. They are generally one step ahead of cybersecurity experts. That is the reason why they never get caught. Many are nation state actors and take ransom money in cryptocurrency to avoid getting detected.
SMB’S - Gateway to bigger corporations
Hackers know that penetration through the defenses of large organizations is more difficult as they are better equipped and have a comprehensive cybersecurity solution in place.
Many small businesses are partners, associates, vendors, service providers to large corporations and thus linked to their IT Systems. If they are exposed, they automatically risk the larger organizations. Vice versa, if hackers manage to breach the large organization, the small business suffers much more.
SMBs are vulnerable to ransom demands
SMBs are vulnerable to cyber-attacks, and any ransomware demand can be highly damaging to their business.
To survive, they fall in line and pay up the ransom amount.
Single Incidents like these often force the SMBs to put their cybersecurity in place as they would not like a repeat incident. They realize that complacency in putting a robust IT policy in place had cost them millions of dollars. One of the significant threats to small businesses is a lack of security awareness among the employees, which is the leading cause of phishing and ransomware attacks. Errors on the part of employees like clicking on the link in emails often lead to breaches.
SMBs vulnerable to CEO frauds
The latest strategy deployed by hackers is posing as CEOs and sending emails to all employees. According to Symantec Research, CEO frauds target all types of business, with 40 % of targets being SMBs. When they see an email from their CEO, employees almost always click on it out of fear and curiosity. Once the link or mail gets clicked, hackers penetrate the system and compromise sensitive information.
One way of protecting from CEO fraud is to have a dual authorization process. Hence, such frauds will get thwarted on detection. Many SMBs have internal messaging tools that are difficult to compromise. Having a second pair of eyes helps in such fraudulent requests and saves businesses from substantial monetary losses.
The challenges are the same
Whether it is big business or small ones, the challenges posed by cybercriminals are the same. The threats are the same for everyone. Stolen credentials and ransomware are problems for everyone. However, mobile Malware and phishing are more significant threats in smaller businesses. It is possible because of over-reliance on multiple devices, which are exposed mainly through social engineering. During the pandemic, phishing increased from 46 % to 83 % by using pandemic-related themes-driven emails.
Cloud-based architecture processes billions of DNS requests from millions of users from businesses globally. The data has revealed four primary trends that covered the threat landscape.
- Trojans and droppers are the new forms of malware delivery.
- Evasive, multistage, and orchestrated attacks are the new norms.
- Crypto mining as part of ransomware is opening doors to new types of cyber threats.
- Attackers are using pandemic-related content and enticing unsuspecting victims for phishing attacks.
A new lease of life
Trojans like Gozi and Emotet, which have been around for years, are now being reused to evade anti-virus security and used to deliver new Malware into the system. It is part of multistage orchestrated attacks, which are becoming prevalent on the threat landscape.
Crypto mining is viewed as harmless, but it opens the door to risk and can be a massive threat on its own if the security software is not browser-based.
The fears of the pandemic have resulted in more phishing exploits as people are more prone to risky behavior. While SMBs are subjected to the same cyber threat drivers as larger organizations, it is the people who play a more significant role in thwarting malicious social engineering. Automation is required when the scale of operation is large, but in the case of SMBs, it's the humans that take center stage for deterrence.
How to protect SMBs from cyber attacks
- Business owners can educate employees about the threats from hackers and how cybersecurity is crucial to the safety of any organization. The first line of defense is often employees who can contribute to the company’s cybersecurity in several ways.
- Installing software patches and updates to address vulnerability and threats.
- Password management – using strong passwords and ensuring discipline in storing passwords, away from public spaces, and differentiating between personal and official passwords.
- Training employees to recognize phishing emails.
Despite all the precautions and cyber security solutions in place, cybercrimes will continue and increase. Additional security can be ensured by purchasing Cybersecurity insurance policies that will mitigate the business risks and protect it from monetary losses arising from data breaches, investigation fees, and operating losses.