[BreachExchange] Cybercriminals are turning to the weakest link: SMEs

Audrey McNeil audrey at riskbasedsecurity.com
Thu Jul 7 18:45:39 EDT 2016


http://www.itproportal.com/2016/07/05/cybercriminals-are-turning-to-the-weakest-link-smes/

Small to medium-sized companies now make up 99.3 per cent of the UK’s
private sector business, contributing an astounding £1.6 trillion to the
national economy every year. With this in mind, it should come as no
surprise that hackers are increasingly turning to SMEs to fuel their
criminal operations.

This unwanted attention isn’t being attracted solely by profitability; SMEs
are also considered much easier targets than their larger counterparts.
Though 82 per cent of companies believe they are too small to be considered
a worthwhile target for cybercriminals, this couldn’t be further from the
truth.

In 2014 alone, 92 per cent of attacks were carried out against SMEs.  The
average year sees seven million attacks launched against smaller firms,
costing the UK economy an average of £5.26 billion, according to the
Federation of Small Businesses. As attacks against SMEs become more common,
they are also becoming more costly; a survey recently published by Digital
Economy Minister Ed Vaizey found that the cost of a cyberattack in 2015
could be as high as £310,800, up from £115,000 in 2014.

While some SMEs (approximately 23 per cent) have caught on to the potential
risk posed by cybercrime, too many are still relying on outdated technology
that only provides perimeter security, completely ignoring file-based
threats. As these sorts of attacks make conventional security methods
utterly useless, an increasing number of hackers are seeing them as their
most valuable tool. According to a survey by the Institute of Directors,
nine out of ten business leaders believe that cybersecurity is important
whilst only half had a formal strategy in place to actually protect
themselves from threats.

File-based threats

File-based attacks involve the use of malicious code, hidden within common
file types and launched via email messages. The potential of a file-based
threat is only constrained by the ingenuity of the hacker, and history has
shown, time and again, the catastrophic effect these corrupted files can
bring when they gain access to an enterprise’s systems.

The few SMEs who have woken up to the threat of cybercrime still stand
little chance against these file-based threats. Many companies are still
relying on costly perimeter security solutions, such as firewalls and email
scanning, which are only effective against widely-known threats.
Furthermore, these defences rely on incremental updates to remain effective
against attacks, though they are often one step behind the hackers.

File-based attacks are responsible for 94 per cent of breaches across all
businesses, and this figure continues to grow each year. As a result, many
businesses are losing faith in their current security solutions, as well as
supposed ‘new solutions’ such as sandboxing, and moving towards more
innovative approaches.

Social engineering

The most well-trodden route into a company’s systems is through their own
employees. By using well-practiced social engineering methods, hackers can
turn an organisation’s own staff into unwitting accomplices. Alarmingly, 88
per cent of breaches include the use of social engineering.

Ammunition for these types of operations is shockingly easy to acquire.
Cybercriminals will typically find this information from a number of
sources, such as files from the company’s official website that have not
been cleaned or files that have been intercepted during exchange. This
information can be used to identify user IDs, server paths, software
versions and even employee reference data.

With this information on hand, it’s relatively simple for a hacker to forge
a convincing email to an employee, posing as a trusted contact and duping
the employee into opening a link designed to send a zero day exploit, to be
activated at a later date, straight into the company’s system. With this in
mind, it is vital that companies keep this information out of the wrong
hands, ensuring any data leakage is prevented.

The urgency of cybersecurity

With the European General Data Protection Regulation (GDPR) set to come
into effect next year, preventing file-based attacks is more urgent than
ever for businesses with operations in the EU. The new law will impose
increased penalties and fines to businesses which fail to protect data
adequately, or are subject to a breach.

Minimum fines will be set at two per cent of global turnover, with maximum
fines reaching four per cent. In addition to stiffer fines, the new
regulation will also include a provision for disclosure, in the name of
public interest, which will likely lead to many cybercrime victims losing
additional revenue as their customers lose faith in their ability to
protect their personal information.

Although the GDPR gives some leeway to SMEs deemed to pose a smaller risk
to the privacy of citizens, even ‘one-man bands’ will be expected to be
fully compliant with the regulations. They must manage their data just as
closely as their larger counterparts, avoid introducing unnecessary privacy
risks and consider the risks their business practices pose to the privacy
of their customers.

To ensure they can live up to the upcoming regulations, SMEs must turn
towards a solution based on file-regeneration, one that guarantees total
security and full protection against the most common form of cyberthreat
and can do so without compromising the speed and efficiency that businesses
require in order to deliver their clients and customers a competitive
service.

SMEs would be wise to adopt Managed Service Solutions; one which is adapted
specifically for smaller businesses and takes into account the growing
threat posed by file-based attacks. These solutions allow SMEs to achieve
full protection from threats in a cost-effective manner, and place the
burden of risk on the shoulders of a third-party.

With both the GDPR and cybercriminals casting their eyes on SMEs, it is
more urgent than ever for these enterprises to look beyond conventional
perimeter security measures and adopt a proven security solution that can
protect them from the most common and volatile attacks.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20160707/ed415ffd/attachment.html>


More information about the BreachExchange mailing list