by Simon Moran
Posted on March 15, 2022
Want to interview Simon?Contact
A recent report indicates that SMBs face greater threats from cyberattacks than ever before.
Many small and midsize companies take more of a light-touch approach to cybersecurity because they figure they’re too small to be of interest to cybercriminals. “Why would a hacker go after our company when with the same amount of effort, they could hit a much bigger – and richer – one?”
While there may have been some truth to that assumption a few years ago, it’s no longer the case. Two relatively new approaches are largely responsible for the change: 1) increasing automation of cyberattacks, and 2) supply chain attacks, especially against Managed Service Providers (MSPs).
Let’s explore what these new ways of doing (malicious) business mean for small-to-midsize organizations, and why.
The “good guys” are not the only people making use of artificial intelligence tools in cyberspace. Cybercriminals have been using big data analytics and machine learning tools as a way to find promising victims and create customized phishing emails.
An independent malware testing lab, AV-Test, reported seeing 552,000 malware samples per day during the first half of 2021, an increase of 37% over what they saw in the previous six months. The dramatic increase in the number of attacks is an indicator that cybercriminals are automating their processes to create new threats. And once much of the labor is eliminated, many smaller ransom payouts are just as good as a few large ones.
Crimeware-as-a-Service, with malware hosted on the cloud in the dark web, is increasingly common, giving even attackers with relatively weak technical skills access to sophisticated tools.
While an individual small business might be too small for an attacker to bother targeting, that business’s suppliers are likely a very juicy target. When a cyberattack hits a vendor, the cybercriminals can quickly and easily move down the food chain to launch attacks on the company’s customers.
The REvil cybergang recently attacked Kaseya, a company that provides IT management software that’s widely used by MSPs. Once they succeeded in getting into Kaseya’s software, REvil was able to attack dozens of MSPs, which in turn gave them access to thousands of end customers, including many SMBs. A Swedish retailer, Coop, temporarily shut down over half of its 800 stores due to the attack. Coop wasn’t even a direct Kaseya customer – but their software was being used by the company’s MSP.
In another example, in March of last year a large MSP, CompuCon, revealed that they had been the victim of a malware attack. The company reported that the attack itself would cost them $5-8 million in lost business. They estimated that $20 million would be necessary to clean up the mess.
In a study commissioned by the National Cyber Security Alliance, Zogby Analytics uncovered some alarming statistics. They polled over a thousand smaller companies, firms with up to 400 employees. They found that 30% of businesses surveyed had experienced a cybersecurity breach in the preceding 12 months. Of the companies that had experienced a breach:
That should be enough to get the attention of any SMB: 25% went bankrupt after a successful cyberattack.
Protecting SMBs from cyberattacks
Many small businesses and medium enterprises may want to up their cybersecurity game, but feel they can’t, either because they don’t have what the necessary technical resources in-house, or think they can’t afford the expense.
That’s exactly why we created ZTEdge: to provide SMBs with access to state-of-the-art cybersecurity, in a comprehensive (but modular) Zero Trust-based Secure Access Service Edge solution that is quick and easy to install at a price point that makes sense for SMBs. For organizations that prefer to outsource their security functions, Ericom Software partners with Managed Security Service Providers (MSSPs) that offer ZTEdge to make moving to Zero Trust security accessible for any organization, regardless of the depth of their IT team.
And a final note for – and about – MSPs: Just about the worst thing for business is being the conduit via which malware reaches your customers. Many of our MSSP partners start by integrating ZTEdge into their own operations to protect themselves from cyberattack. It’s a smart move to consider.
The FBI-led takedown of Qakbot was an operation that involved seven countries. Malware was removed from 700,000 computers. But don’t think all that makes you safe.
Generative AI empowers its users to work fast, better and more efficiently. Alas, this includes cybercriminals, who are using malicious GenAI platforms to accelerate zero-day exploit creation.
Cybercriminals love the multiplier effect they get from attacking law firms: Hack in, and they get firm data PLUS juicy confidential client info.