It's hard to ignore the increasing number of cyber-attacks targeting large corporations and governmental organisations. New stories are appearing almost daily exposing the lengths cybercriminals are going to in order to steal sensitive business and customers’ personal information from large corporations and businesses.
While large corporations still continue to garner a lot of attention from cybercriminals, the reality is that SMBs are also increasingly becoming targets for cyber-attacks. In fact, according to the latest Symantec Internet Security Threat Report, 31 per cent of targeted attacks in 2012 were on businesses with less than 250 employees.
So why are cybercriminals interested in SMBs? Don’t they have bigger fish to fry?
The question many SMBs may ask is “Why us and not a larger company with more profits or customer information to steal?” Unfortunately the answer is simple: it can be easier. SMBs, on average, have less money and resources invested into internet security and protection, making them an easier target.
Furthermore, SMBs generally conduct business with many enterprises, and today’s sophisticated hackers see them as a potential backdoor into these larger organizations. Known as the “watering hole” technique, an attacker compromises a website, such as a blog or small business website, which is known to be frequently visited by the victim of interest, so when the victim later visits the compromised website, a targeted attack payload is silently installed on their computer. In 2012, the number of web-based attacks increased by one third and many of these attacks originated from the compromised websites of small businesses. It is important for SMBs to be aware of not only what to do if their company is attacked, but also what they can do to prevent this from happening in the future.
What type of attacks can SMBs expect?
Some attacks are directly into your business – trying to penetrate your website or internal networks. These attacks can be extremely hard to identify, however, lagging programs or consistently slow internet can be small signs that something is wrong, as well as more obvious irregularities such as strange transactions on your bank statements or unusually high traffic to and from your customer databases. There are a number of ways a company can be targeted, and it does not always have to be a direct attack on a company’s internal systems or financial details. In recent years, Australian retail companies have experienced an increase in reputational attacks where cybercriminals create fake websites or emails to mislead consumers and steal their personal details. This type of attack is very subtle and can be difficult for SMBs to even know it is happening.
Ransomware became a bigger challenge for small businesses in 2012. Ransomware locks your computer and demands a release fee. The malware is often quite sophisticated and difficult to remove. Ransomware is a category of malicious software which, when run, disables the functionality of a computer in some way. The malware, in effect, holds the computer ransom. Victims usually end up with ransomware from visiting infected websites. The ransom typically ranges from $50 to $400. Ransomware scams are extorting at least $US5 million a year. One group detected was attempting to infect 500,000 computers over an 18-day period*.
So, what can you do about it?
If you feel that your network has been breached or you have been the victim of a cyber-attack you need to act quickly. Basic steps include; quarantine the computers that were affected; remove the malware; restore the computers to their original condition; reinstall systems and applications; scan for malware; restore company’s data; and start thinking about how you can increase your security.
It’s also important to notify customers and stakeholders of data breaches. Particularly if the company experiences a reputational attack, offering assistance and advice will help alleviate any brand damage caused by the security breach. This will enable stakeholders to take proactive steps to protect themselves including changing their passwords and notifying their financial institutions of potential fraudulent transactions or account breaches.
Better to be safe than sorry
The best way to protect your business and your customers’ data though is to be proactive about your security. There are things you can do to make your business more secure.
- Know what you need to protect: Look at where your information is being stored and used, and protect those areas accordingly.
- Enforce strong password policies: Passwords with eight characters or more and use a combination of letters, numbers and symbols (e.g., # $ % ! ?) will help protect your data.
- Map out a disaster preparedness plan today: Don't wait until it's too late. Identify your critical resources, use appropriate security and backup solutions to archive important files, and test frequently.
- Encrypt confidential information: Implement encryption technologies on desktops, laptops and removable media to protect your confidential information from unauthorised access, providing strong security for intellectual property, customer and partner data.
- Use a reliable security solution: Today's solutions do more than just prevent viruses and spam; they scan files regularly for unusual changes in file size, programs that match known malware, suspicious email attachments and other warning signs. It's the most important step to protect your information.
- Protect information completely: It's more important than ever to back up your business information. Combine backup solutions with a robust security offering to protect your business from all forms of data loss.
- Stay up to date: A security solution is only as good as the frequency with which it is updated. New viruses, worms, Trojan horses and other malware are created daily, and variations of them can slip by software that is not current.
- Educate employees: Develop internet security guidelines and educate employees about internet safety, security and the latest threats, as well as what to do if they misplace information or suspect malware on their machine.
As cyber-attacks continue to increase, it is important that SMBs are aware that they are very much at risk of becoming a target. Being prepared and proactive is half the battle to stay one step ahead of potential cyber-attackers.
Sean Kopelke is Symantec's Pacific Director of Strategic Solutions.