Common Cybersecurity Threats SMBs are Facing

When we talk to customers, it’s clear that, slowly but surely, the mindset of SMBs is changing to be hyper-vigilant when it comes to cybersecurity.

Sure, cybersecurity has traditionally been a back-burner issue for small- and medium-sized businesses (SMBs) – whose resources are laser-focused on customers, business growth and technology development. But the threat surface is growing, and SMBs are realizing they need to step up their security practices in order to survive.

In fact, according to the Ponemon Institute, a full 70 percent of SMBs have experienced a cyberattack within the last year. These attacks include ransomware, cryptomining, social media attacks, credential theft and business email compromise (BEC) – all of which are becoming top-of-mind.

Here’s a short recap of these top threats:

Ransomware

Most attacks (in general) typically involve attackers sending an email to unsuspecting employees with the aim of getting them to click on a malicious link or attachment that will execute malware on a victim’s machine. Ransomware is no different; from there, the malware infiltrates the company network, sniffing out endpoints and servers to lock up by encrypting their contents. The attackers then demand payment in exchange for the decryption key. Sometimes the adversaries threaten SMBs with extortion, saying they’ll make the data public if they don’t pay up. These attacks are becoming more targeted against specific businesses too, with attackers taking the time to know their victims to ensure they can craft convincing emails, inflict maximum disruption and garner higher ransoms.

Cryptomining

Cryptomining malware arrives on victims’ desktops and spreads through networks in the same way that ransomware does. But the payload is a piece of code that hijacks a computer’s processing resources in order to apply them to mining for cryptocurrencies (most often Monero). It’s a complex blockchain process that can be lucrative for those doing it – especially if they’re not paying for their own processing power. Cryptominers are quieter by nature than ransomware, and tend to quietly leech CPU cycles while remaining hidden on a client PC or inside the datacenter. For SMBs, this translates into degraded computing performance, system crashes and more, and can plague everyday tasks and radically reduce productivity.

Social Media Attacks

Phishing is a well-known attack vector, where cyberattackers look to scam users via fraudulent emails. As users get more savvy at recognizing fraudulent emails, adversaries are moving to more trusted platforms, like social media. At SMBs, where personal social media use and business machines mingle in the absence of hard-core web policies, scammers use fake profiles to trick users into turning over sensitive info, like passwords, account numbers, tax ID numbers, credentials and more. Scammers launch thousands of phishing attacks like these every day, and they’re often successful.

Credential Theft

Speaking of credentials, the market for these is booming on the Dark Web. SMB usernames and passwords for cloud accounts, email, financial apps and more are all sought-after treasure for cyberattackers, and can be uncovered via phishing, brute force attacks or spyware attacks. Those that steal credentials can easily sell them to other adversaries looking to take over accounts: Financial accounts to steal money directly, cloud accounts to steal company data, email accounts to carry out fraud (like BEC, our next top threat), social media accounts to cause brand damage and more. And, crooks can bank on employees using the same credentials across accounts – so, if an attacker has the password for, say, a LinkedIn account, odds are the same combination will work against a more important service.

Business Email Compromise (BEC)

And finally, there’s BEC. While consumers mainly use their devices and various messaging apps to communicate, business users still predominantly use email. Cybercriminals are taking great advantage of this by impersonating executives, senior managers and supply-chain partners to dupe employees into authorizing fraudulent wire transfers or providing confidential information that can be used to defraud companies. These attacks are obviously at their most compelling when a cybercriminal has email account credentials and can log in and send a fraud email from the executive’s real account; but there are ways to spoof email addresses that are quite convincing.
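
One way a mail gateway or triage script could check headers for the impersonation signs described above. This is an added example, not TPx's code; the domain example.com, the staff names and the sample headers are constructed, and it assumes your own inbound gateway stamps the Authentication-Results header.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumptions (constructed): the company's domain and the names worth protecting.
COMPANY_DOMAIN = "example.com"
PROTECTED_NAMES = {"dana smith", "lee wong"}

def bec_indicators(raw_message):
    """Return a sorted list of BEC warning signs found in one message's headers."""
    msg = message_from_string(raw_message)
    display, addr = parseaddr(msg.get("From", ""))
    from_domain = addr.rpartition("@")[2].lower()
    findings = set()
    # An executive's name on an address outside the company domain.
    if display.strip().lower() in PROTECTED_NAMES and from_domain != COMPANY_DOMAIN:
        findings.add("display-name-impersonation")
    # Replies diverted to a different domain than the visible sender.
    _, reply_addr = parseaddr(msg.get("Reply-To", ""))
    if reply_addr and reply_addr.rpartition("@")[2].lower() != from_domain:
        findings.add("reply-to-mismatch")
    # Mail claiming the company's own domain must carry a DMARC pass verdict.
    # Only trust this header when it was added by your own gateway.
    m = re.search(r"\bdmarc=(\w+)", msg.get("Authentication-Results", ""), re.I)
    if from_domain == COMPANY_DOMAIN and (m is None or m.group(1).lower() != "pass"):
        findings.add("company-domain-without-dmarc-pass")
    return sorted(findings)

# Constructed sample messages (headers only matter here).
LOOKALIKE = (
    "From: Dana Smith <dana.smith@examp1e-mail.test>\n"
    "Reply-To: dana.ceo@freemail.test\n"
    "Authentication-Results: mx.example.com; dmarc=pass header.from=examp1e-mail.test\n"
    "Subject: Payment today\n\nbody\n"
)
EXACT_SPOOF = (
    "From: Dana Smith <dana.smith@example.com>\n"
    "Authentication-Results: mx.example.com; spf=fail; dkim=none; dmarc=fail\n"
    "Subject: Payment today\n\nbody\n"
)
LEGIT = (
    "From: Dana Smith <dana.smith@example.com>\n"
    "Authentication-Results: mx.example.com; dkim=pass; dmarc=pass\n"
    "Subject: Lunch\n\nbody\n"
)

if __name__ == "__main__":
    for name, raw in (("lookalike", LOOKALIKE), ("exact", EXACT_SPOOF), ("legit", LEGIT)):
        print(name, bec_indicators(raw))
```

None of these header checks fire when the message is sent from the executive's real, compromised account, which is why the credential theft described earlier matters so much for BEC.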

No Business is Immune

The reality is, no one is immune to cybercrime, and SMBs need to take stronger action as they go forward. However, SMBs do face challenges when it comes to shoring up their armor: They have smaller budgets and limited resources to spend on training and security software. This makes them not only an ideal target for external cyberattackers that look for low-hanging quarry with limited defenses, but also ups the potential for negligent employees to make mistakes that have consequences (insider mistakes are to blame for 54 percent of SMB data breaches, according to Ponemon).

Luckily, they can turn to managed service providers (MSPs) like TPx to help. With our Managed Firewall and Managed Endpoint services, you gain your own dedicated team of security professionals working for you. And, we keep your defenses consistent: You never need to worry about installation, configuration, maintenance, patching or updating of your security infrastructure – and it’s all provided at a price you can afford.

Make your business more secure with TPx, so you can focus on growing your organization with the peace of mind that you have the latest, most up-to-date modern security defenses possible. Visit www.tpx.com/services/managed-it or contact your TPx representative to learn more!

 

About the Author

Erik Nordquist is the Senior Product Manager for TPx Communications’ managed security services. He’s led a broad range of critical activities, including Field Operations and the Hostmaster team where he built TPx’s anycast DNS network to service its 55,000 customer locations. His work on the Network Integrity team made him the resident expert for mitigating Denial of Service (DoS) attacks. After interfacing with customers for years, Erik is bringing his customer-focused approach to his Product Manager role, helping to deliver first-in-class security services to TPx clients with unsurpassed customer support.