Why SMBs Are Vulnerable to Cyber Attacks
Do you want to be responsible for IT at a company that gets breached by cyber criminals? Do you want to have to explain why no steps were taken to contain attacks when they occurred, or why the steps taken were inadequate? Are you finding it a challenge to convince others at your company of the need for a strong cyber security plan? Small and medium-sized businesses are increasingly common targets of a cyber attack, and all too often the company does not survive the breach.
If you’re one of the 60% of senior SMB decision-makers with no plan for preventing a cyber attack, or one of the 66% who doesn’t believe an attack is likely to target your company in the first place, you may be making a mistake that will be difficult to recover from. While SMB leaders tend to assume that cyber criminals prefer to target larger enterprises, the fact is that 43-50% of all cyber attacks are directed at companies just like yours. Worse than that, 67% of all SMBs surveyed by the Ponemon Institute in 2018 had already been attacked.
Why? Because criminals will always seek targets of opportunity, and they know that many SMBs present just such an opportunity. Small and medium sized businesses often have weaker cyber security capabilities in place and they may also be vulnerable through weakly-protected cloud services. A small or medium sized business may be attacked as part of a broader campaign to target a larger enterprise that company does business with, but they are often attacked for other reasons such as access to customer data, cryptocurrency mining, or simply to install ransomware and force the company to pay.
If nearly half of all cyber attacks target SMBs and 67% of all SMBs have already been attacked, no SMB can afford to assume that they are not a target. Because criminals always look for targets of opportunity, the lack of a strong cyber security plan will make you a more attractive target and virtually guarantee an attack. It’s not a matter of if you will be targeted by cyber criminals – it’s a question of when.
Among the many other potential consequences of a cyber attack, you can expect the following:
- Lost business: can you afford to close for two or three days without warning? That’s the likely consequence of a denial of service attack, resulting in frustrated customers and loss of revenue.
- Lost trust: customers rely on you to safeguard credit card details and other personal information they share with your company. If this information is compromised, many customers will have a hard time trusting your company again.
- Lost data: many cyber attacks result in file corruption or other forms of data loss.
- Lost money: in the aftermath of a cyber attack you may have a lot of unexpected expenses, including the need to notify customers of the breach and replace compromised equipment. In areas covered by the EU’s General Data Protection Regulations, you may face large fines and have to deal with a lawsuit. If you were targeted with ransomware, you may be unable to get access to your own files unless you pay off the criminals.
These potential consequences are nothing to shrug off. According to recent reports, 60% of SMBs targeted by a cyber attack in the United States went out of business within six months of the attack. Considering that a successful attack could be fatal to your business, you simply cannot afford to think that cyber criminals will not target you – they either will or they already have.
So what can you do? Of course strong password policies are important (negligent security behavior by employees is one of the main causes of an attack) and good antivirus and anti-malware programs can also help. However, none of those things can protect your company against a targeted attack designed to bypass your security – the kind of attack we’re talking about here.
Cyber Attack Techniques
To protect your company from a targeted attack, Endpoint Detection & Response or EDR is the best solution. EDR can detect an attack in progress on any of your endpoints and give you the tools to respond effectively. To understand how EDR can protect your organization from targeted and advanced threats, we need to look at how attackers usually operate.
Exploiting a Vulnerability: Common security weaknesses in your public-facing systems are an attractive attack avenue, with 57% of breaches resulting from known vulnerabilities that could have been patched. With over 16,000 new vulnerabilities released each year, most companies find it extremely difficult to keep their whole infrastructure up to date. Using modern automation tools, opportunistic attackers can scan the public internet for any one of these common vulnerabilities, potentially finding thousands of devices that haven’t been patched.
Spear Phishing: Targeted, deceptive communications designed to trick someone in your organization into sharing sensitive information or opening an executable file. Spear phishing is extremely common, and extremely effective – Verizon’s yearly threat report estimates that 32% of breaches involve this attack tactic.
Watering Hole: The attacker looks for vulnerabilities in websites known to be popular among your employees. They then insert malicious code in JavaScript or HTML on these sites, which pushes targets to another compromised site with malware waiting in ambush. When someone in your organization uses the common and popular website, the trap is sprung.
Man-in-the-Middle: The attacker intercepts your communications, passing them on only after examining or even altering them – creating the illusion that you are talking directly to a trusted counterpart. Man-in-the-middle attacks are done in close proximity through unencrypted Wi-Fi networks, or remotely via malware.
Buying Access: Criminal organizations crowdsource so many attacks on so many systems, that a certain percentage of those systems are bound to be compromised at any given time. In many cases, attackers can save themselves time and trouble by simply buying access to a company that has already been compromised. Has your business been breached in the past? If so, access to your systems may be available behind a cheap paywall.
As you can see, cyber criminals have a number of techniques at their disposal for breaching your security and inflicting harm on your company. To prevent a disaster like this from occurring, your best option is to look into Endpoint Detection & Response options right away. Here’s some tips to help you find the right EDR vendor for your organization. If you’d like to see how EDR works in practice before, book a free demo with us.
Categories