A raft of recent reports highlight the threat SMBs face from ransomware and other lurking cyber dangers. Much of the attention has been focused on critical infrastructure: dams, power plants, utilities, and election systems. But for SMBs, essential infrastructure backbones can often be the weakest links, and hackers know how to target them.
Most ransomware attacks don’t grab headlines
A new report by Barracuda Networks warns of the dangers to small and medium businesses and says that most ransomware attacks are not headline-grabbers. You can download the full report here.
“The attacks are often sophisticated and extremely hard to handle for small businesses,” the report states.
The report also highlights various types of attacks and their impacts on small businesses as well as offers actionable solutions for MSPs such as:
- Disable macros: Implement execution prevention by disabling macro scripts from Microsoft Office files transmitted via email.
- Set up network segmentation: Implement robust network segmentation to help reduce the spread of ransomware if it does get into your system.
- Remove unused or unauthorized applications: Investigate any unauthorized software, particularly remote desktop, or remote monitoring, which could be signs of compromise.
- Enhance web application and API protection services: Secure your web applications from malicious hackers and bad bots by enabling web application and API protection services, including distributed denial of service (DDoS) protection.
- Reinforce access control on backups: Backup should be offline and cloud credentials should vary from normal credentials.
“These are all tips that are very granular, very actionable, and would go a long way towards stopping an attack in its tracks,” advises Peter Robinson, a cybersecurity specialist in Las Vegas, who has read the report.
Some verticals are at higher risk
Robinson says that despite SMBs having a target on their backs, some verticals are more susceptible than others.
“If they are part of an ecosystem, that makes them more vulnerable,” says Robinson. “For instance, a business was hacked that printed deposit envelopes for banks, and they were able to move laterally into one of their financial client’s systems. At first glance, the envelope place looked like a `printing business, but once they start printing envelopes for a bank, they become part of the financial ecosystem and therefore more vulnerable.”
A printing house, for example, that only produces wedding invitations and graduation announcements likely wouldn’t be as appealing to a hacker, Robinson adds.
The Barracuda report spotlights some of the most vulnerable verticals, including municipalities, financial services, education, and healthcare. The report says:
“While attacks on municipalities increased only slightly, our analysis over the past 12 months showed that ransomware attacks on educational institutions more than doubled, and attacks on the healthcare and financial verticals tripled. Infrastructure-related attacks have quadrupled, which signals cybercriminals’ intent to inflict greater damage beyond the impact on the immediate victim.”
The report concludes that the entire web of critical ecosystems is vulnerable to nation and state-sponsored cyberattacks. “Those are the threat actors most likely to be going after infrastructure targets,” write Barracuda researchers.
Cybersecurity budgets are not keeping pace with threats
“The problem is that budgets haven’t kept up with threats,” Robinson explains. “Too many companies still view cybersecurity expenditures as a luxury – until they get hacked.”
Indeed, a new survey by a San Diego-based security firm backs up Robinson’s assertion.
Today, a global leader in cybersecurity released its annual report, which surveyed over 1,200 cybersecurity decision-makers from small-to medium-sized businesses in Europe and North America.
According to the new data, 74 percent of SMBs in North America and Europe believe they are more vulnerable to cyberattacks than enterprises. And while these decision-makers are concerned about the possible implications of an attack – most notably loss of data, financial impacts, and loss of customer confidence and trust – 70 percent of businesses surveyed admitted that their investment in cybersecurity has not kept pace with recent changes to their operational models (i.e., hybrid working).
“And that is a problem because I can guarantee that cybercriminals are constantly investing in new tools and techniques,” Robinson asserts.
Closer to home, the top three challenges identified by SMBs in North America were:
- An inability to keep up with the latest cybersecurity threats (54 percent)
- Keeping up with the latest cybersecurity approaches and technologies (50 percent)
- Budget limitations/lack of investment in cybersecurity (49 percent)
“The irony on the budget limitations is that if an SMB has to clean up the mess from a severe breach, then that could put them out of business completely, so how is that for a budget limitation?”
Photo: patpitchaya / Shutterstock