Tag: Cyber Attacks

Small and Medium Businesses Are More Vulnerable to Cyberattacks

Tips for Small Businesses on How to Enhance Cybersecurity

By Daniel Markuson, Digital Privacy Expert, NordVPN

According to the study conducted by the Ponemon Institute, only 28% of small and medium businesses mitigate cyber threats, vulnerabilities and attacks effectively. The study revealed that nearly half of the companies have no understanding of how to protect their data, finances, employees and customers against cyberattacks.

However, small businesses may often be even more attractive targets for hackers than larger enterprises. Here are some of the reasons:

  1. The owners of valuable data. Contrary to what most of the small companies may think, they do have useful data for hackers. It can be anything from financial information that can be used for fraud, to the personal details valuable for identity theft.
  2. The path to other companies. Often hackers target small companies for easy access into larger enterprises. It can also be a path into the data of many other small businesses.
  3. Easy to hack. Small businesses often lack adequate cyber-defenses, so they are frequently much easier to hack compared to larger enterprises. There are usually no security personnel and technology in place, so it’s also more challenging to detect an attack when it occurs. Effective handling of cyber threats is impossible without a strategy and strict policies applied to all employees.
  4. More difficult recovery. Every small business has computer-based data it needs to operate. Unfortunately, few can recover from an attack independently. However, a cyberattack might be the end of the road, especially for a small business. Therefore, small business owners are more likely to pay ransoms.

Ransomware and spear-phishing attacks are the most common cybercrime tactics used against small businesses. The first one blocks access to a computer or mobile phone until the attackers receive a ransom payment. The second one is an email-spoofing attack seeking unauthorized access to valuable information. There are hundreds of different ways to harm any enterprise, its employees or customers. Some of the most usual methods don’t even require advanced technological knowledge. For example, social engineering schemes are easy and effective to launch.

Simple tips for small business owners to boost cybersecurity

Do regular backups. Regular backup of your data in a secure location – offsite and offline – is essential. It helps to protect yourself from a ransomware attack. For small businesses with less sensitive data, even external hard drives might be enough. For more significant comfort, consider special paid backup security services (don’t trust free ones).

Secure all your smart devices. Cybersecurity is not limited to your smartphone, tablet or computer. These days, even printers and TVs are connected to the internet, so make sure these are secure as well. If the password and even username are insecure, change them. Additionally, restrict admin privileges to your networks and accounts. Each team member must have their personal credentials with an assigned role. This way you will always know who made a mistake.

Secure all your data. Encrypting your data makes it more difficult to exploit or hijack. A reliable and reputable VPN service provider, like NordVPN, SurfShark or ProtonVPN, can encrypt the online traffic of all your employees. This ensures that your data is safe when they need to access it. Many small business owners and employees work at office hubs or at home, so their data gets sent through unsecured channels. A reliable VPN can fix this problem. Of course, don’t forget that you need an antivirus and a strong firewall.

Educate your team members. It is essential to cultivate the secure mindset of every employee. Keep your team members informed about the dangers of downloading attachments or clicking on links from unknown sources. Make sure to educate them about social engineering tactics, latest hacks and phishing attacks. You can use an online cybersecurity test to understand how much your employees know about digital security.

Always update your devices. Don’t forget to update your computers, tablets, smartphones and other devices regularly. Do the same for software. New updates fix security vulnerabilities and system bugs that could cause insecure situations. Make sure to update your firewalls and antivirus.

Create a strong password. Use unique passwords for different accounts or devices. Make sure to create strong passwords and change them every three months. It’s also crucial for your company to have a strict password policy and ensure that all employees comply with it. Additionally, share some tips with your colleagues on how to create strong and reliable passwords.

An average data breach costs $3.92 million, and that’s a heavy burden on small and medium enterprises. Leaks drive away clients, plus companies end up paying millions in fines and compensations. Even though cyberattacks often target SMEs, the media focuses only on the big hacking scandals. That’s why small company owners tend to think only of major corporations with vast amounts of valuable data as the primary targets. Consequently, SMEs often do not take the most basic steps to protect their digital resources. It’s time to understand that your business’s security is in your own hands.

Bio
Daniel Markuson is a Digital Privacy Expert and Internet security enthusiast at NordVPN. Daniel is generous with spreading news, stories and tips on how to stay secure in the fast-changing digital world.

Alert Logic Report Reveals Wealth of Vulnerabilities for SMBs

By Rohit Dhamankar, Vice President, Threat Intelligence, Alert Logic

When it comes to incorporating strong cybersecurity hygiene into their practices, small and midsize businesses (SMBs) sometimes don’t realize how susceptible they are to cyber attacks. They read the latest news about a big-name organization getting hacked and conclude that this would never happen to a “small fish” company like theirs.

But they are mistaken.

Due to increasingly automated attack methods, cyber adversaries aren’t distinguishing between “big” and “small” fish anymore. They’re targeting vulnerabilities, with automation that empowers them to cast a wide net to cripple SMBs and large enterprises alike. New research from Alert Logic indicates that lack of awareness may be leading to a wealth of exposures for SMBs: A clear majority of their devices are running Microsoft OS versions that will be out of support by January 2020, and most unpatched vulnerabilities in the SMB space are more than a year old.

What Alert Logic’s New Findings Really Say

These and other findings from the Alert Logic Critical Watch Report 2019 should serve as an eye-opener for SMBs. Our analysis was based on 1.3 petabytes of data from more than 4,000 customers, including data from 2.8 million intrusion detection system (IDS) events and 8.2 million verified cybersecurity events. Here are highlights from the report that illustrate the most significant challenges we found:

Digging into the Numbers

More than 66 percent of SMB devices run Microsoft OS versions that are expired or will expire by January 2020. There’s little representation, in fact, of the current Windows Server release – 2019 – among this group and the majority of devices run Windows versions that are more than ten years old. Even if not exposed to the internet, these versions make it easy for attackers to move laterally within systems once they compromise a host.

Three-quarters of the top 20 unpatched vulnerabilities in the SMB space are more than a year old. Even though automated updates have improved software patching, organizations struggle to keep up the pace. The use of open source software – a common technique for building software projects efficiently – complicates the patch cycle, especially when the open source software is embedded. To uncover and reduce the vulnerabilities left by unpatched code, organizations must invest in third-party validation of the efficacy of the update process in their software development life cycle (SDLC) while conducting regular vulnerability scans.

Security Challenges SMBs Face

Weak encryption continues to create headaches, accounting for 66 percent of workload configuration problems. Unfortunately, many SMBs simply implement a default encryption for a particular app. Defaults were typically defined when older encryption protocols were still considered safe but might no longer be. It’s not surprising then that our research found that 13 encryption-related configuration flaws are leading to 42 percent of all security issues found.

Nearly one-third of the top email servers run on Exchange 2000, which has been unsupported for nearly 10 years. Email is the life blood of most businesses, so SMBs place their operations, sales and other critical functions at risk if they encounter newly identified vulnerabilities for which there are no available patches.

The three most popular TCP ports – SSH (22/TCP), HTTPS (443/TCP) and HTTP (80/TCP) – account for 65 percent of all vulnerabilities. Internal security teams should regularly scan ports to determine weaknesses and firewall misconfiguration issues, as well as whether unusual, possibly harmful services are running on systems. In addition, they need to close ports that are no longer in use; install firewalls on every host; monitor and filter port traffic; and patch and harden any device, software or service connected to ports.

Half of systems are running a version 2.6 Linux kernel, which has been out of support for more than three years. There are at least 69 known vulnerabilities for this kernel level, with many relatively easy to exploit. Kernels serve as the heart of an operating system, managing hardware, memory, apps, user privileges and an assortment of other key functions/components.

What to Think About Next

An obvious answer for SMBs is to inventory their cyber ecosystem and replace systems that have outlived support. But this is impractical for many. Resource constraints and inability to scale often prevent SMBs from upgrading and they struggle to apply best practices in patching, hardening and cyber hygiene. These organizations don’t have to go it alone, however, and can partner with security providers who offer strong but cost-conscious options to provide needed threat visibility, intelligence and security and compliance experts. With this support, SMBs can better defend existing infrastructure while addressing security challenges that occur during upgrades or migrations to the cloud.

Bio
Rohit Dhamankar is vice president of threat intelligence products at Alert Logic. Dhamanker has over 15 years of security industry experience across product strategy, threat research, product management and development, technical sales and customer solutions. Prior to
Alert Logic, Dhamanker served as vice president of product at Infocyte and founded consulting firm Durvaanker Security Consulting. He holds two Masters of Science degrees – one in physics from The Indian Institute of Technology in Kanpur, India and one in electrical and computer engineering from University of Texas – Austin.