Although attacks on small and medium-sized businesses (SMBs) rarely hit the headlines, they remain a serious threat. Unlike their corporate counterparts, many SMBs lack the tools, skills, and mitigation services they need to combat modern threats.
Understanding that forewarned is forearmed, the National Cyber Security Centre (NCSC) recently debuted a guide aimed at smaller companies that lack dedicated IT or support staff called “Using Online Services Safely”. Its purpose is to help smaller players bolster their cybersecurity defenses and mitigate the potential impact of attacks on companies that depend on online services.
The guide also aims to clear the fog for those SMBs who found the NCSC’s cloud security guidance overwhelming. Ultimately, it hopes to set SMBs up in a way that protects them from online risks while still achieving their business priorities. And, in a landscape marked by the distributed workforces that fuelled a dependence on cloud services, this has become more vital than ever.
Many SMBs, whether they know it or not, depend heavily on online apps and services for daily business functions, such as email, storage, web hosting, payroll, invoicing, social media, and more.
The ten-page guide helps SMBs navigate today’s threat landscape, offering practical advice on cybersecurity matters. This includes how to choose the right services or backup, domain name security, how to secure user and admin accounts, and how to defend against malicious tools of every nature.
It also offers insights into how to get the most from built-in security features contained in popular cloud services and how to recover hacked accounts or services in the aftermath of a security event.
The guide covers:
- Choosing a good service
- Back up your organization’s critical data
- Protecting your public domain name
- Creating separate user accounts
- Securing your users’ accounts
- Protecting your admin accounts
- Defending your online accounts from malware
- Use the security features built into the service
- Recovering a hacked account or service
It won’t happen to me
Guides like this are crucial because many smaller entities believe that cybercriminals only have eyes for larger enterprises with a lot of valuable data. However, nothing could be further from the truth. These businesses have much of the same information, customer data, and digital infrastructure that attract bad actors to larger businesses.
For instance, many SMBs keep vast quantities of customer payment information or financial credentials. Should an attacker successfully penetrate their network, they could get their hands on a valuable payload, which could be used for their benefit or sold on the dark web for profit.
Knowing this, bad actors often target SMBs because they see them as less protected or low-hanging fruit.
A UK Government report from April last year revealed that nearly a third of UK organizations suffered a security incident or cyber-attack in the prior 12 months, a number that rose to 59% when looking at SMBs alone.
You get what you pay for
Other SMBs, believing themselves immune to attack, employ only free cybersecurity tools that were designed to protect individuals instead of businesses. This leaves gaping holes in their security nets that larger corporations with more powerful security measures don’t have to worry about.
Attacks on businesses come in many shapes and sizes, and it’s no different for SMBs, although some are more common than others. In certain instances, threat actors employ the same tactics, techniques, and procedures (TTPs) they use to breach larger businesses.
This is mostly because instead of using a different tool for each type of company, attackers find it easier to adopt a ‘mud against the wall’ approach and target many companies at once with their malicious tools. This is particularly problematic for SMBs, as they now have to fight sophisticated and advanced attacks with inferior weapons.
Let’s look at some of the cybersecurity threats that today’s SMBs face.
Spreading the ILOVEYOUs
Viruses and other types of malicious code spread from one machine to the next, and need to be sent by users, which sets them apart from worms that replicate without the need for manual intervention.
However, over and above their lack of skills and expertise, SMBs often run outdated software on their systems, which is an open invitation for bad actors to target known vulnerabilities within their systems and infect them with all sorts of malware.
Ransomware, in particular, continues to affect smaller organizations disproportionately because ransomware actors gain high profits, and the risks are incredibly low.
The human factor
Insider attacks are another scourge that SMBs need to address. Sometimes, this threat takes the form of a careless employee who leaves a flash drive lying around, uses a weak and easily guessable password, or inadequately secures access credentials.
At other times, it’s more sinister, in the case of disgruntled former or current staff members looking to make money, harming the business by damaging systems, or even selling company secrets to the competition.
Phishing attacks are another tool used by cybercrooks to fool users into divulging sensitive data, usually usernames, passwords, and financial login credentials. Cybercriminals often use the ‘stick and carrot’ method to trick users into clicking on a link, either by promising a reward or by threatening to expose them for some wrongdoing. Either way, a successful phishing attempt gains the attacker a foothold on the company network.
A guiding light
Cybersecurity guides such as NCSC’s are indispensable for SMBs due to the ever-evolving threat landscape they operate in today. As technologies advance, so do the tools and tricks used by adversaries looking for any weakness in the security chain.
SMBs with limited skills and resources are particularly susceptible to cyber threats, and this guide will serve as a roadmap to help them implement robust security measures and navigate the complex world of cyber risks.
Armed with insights into the latest cyber threats, best practices for safeguarding sensitive data, and practical steps for establishing a resilient cybersecurity infrastructure, SMBs can mitigate the risk of data breaches, financial losses, and damage to their reputation.
Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor and do not necessarily reflect those of Tripwire.
Mastering Security Configuration Management
Master Security Configuration Management with Tripwire's guide on best practices. This resource explores SCM's role in modern cybersecurity, reducing the attack surface, and achieving compliance with regulations. Gain practical insights for using SCM effectively in various environments.