Security Breach

 Picture Credits: Jenna Campbell

Due to the Covid-19 breakout, almost every industry including SMBs, the education sector, remote work environments, health care, etc. has been hit by various cybersecurity attacks. According to a survey conducted by the University of Maryland, Hackers attack every 39 seconds on average 2244 times a day. There are approximately 30.2 million SMBs in the US, not all have the tendency to deal with cybersecurity attacks or breaches. The reason behind this is SMBs serve as a soft target for cybercriminals due to their less advanced security infrastructure and a low number of trained cybersecurity staff that respond to the threats and provide a mitigation plan.   A study found 43% of SMBs don’t have a cybersecurity defense plan in place at all which leaves their most sensitive financial, customer and business data, and ultimately their companies at significant risk. In this section, we will have a glance at the top ten cybersecurity challenges faced by small and medium businesses

1.Phishing Attacks

Phishing attacks are commonly categorized as a social engineering attack where an adversary masquerades as a trusted source and tricks the victim into clicking an email, instant message to view its content. The victim is tricked into clicking a malicious link contained in the email or message which leads to the installation of malware resulting in revealing sensitive information or slowing down the system as a part of a ransomware attack. According to the F5 2020 Phishing and Fraud Report, there has been a significant increase in phishing attacks as compared to past years. The year 2020 is on the target to see a 15% increase in phishing incidents.
Chart showing annual phishing incidents as seen by the F5 SOC

Source: F5

Verizon 2020 Data Breach Investigation Report pointed out that the use of malware and Trojans have decreased while attackers are more inclined towards the use of phishing. As a part of social action, phishing is achieved 96% of the time via email, 3 % via website, and only 1 % using SMS
Phishing

Source: Verizon Data Breach Report 2020

2. Ransomware Attacks

Data Force ransomware virus money vector illustration

Picture Credits: Jan Strelec

A type of malware that prevents users from accessing their system or personal files and then demanding a ransom payment in order to regain access. Ransomware attacks are usually carried out via social engineering i.e. sending spam email from a trusted source that looks very enticing for the user and contains malicious attachments or links. Once clicked the malware starts to infect the system usually slowing it down and displaying a ransom note. In most cases, personal files or drives are encrypted and can only be decrypted using a key provided by the adversary once the ransom has been paid. According to a survey, 46% of SMBs have been the targets of a ransomware attack and out of these 73% of those companies have paid a ransom

3. DDOS

Distributed Denial of Service (DDOS ) is a cyber-attack on a server, website or network that floods it with huge amounts of internet traffic which overwhelms the target resources in terms of bandwidth, system resources, etc and renders it unavailable for intended users. These types of attacks are usually carried out by a network of compromised or hacked systems known as botnets which are controlled by C&C (Command and Control) Server. A single compromised system is known as a bot. These botnets are controlled by cybercriminals and come into action once the C&C server sends commands to overwhelm a target resource.  DDOS attacks are divided into the following categories
  • Volumetric Attacks 
  • Application-layer Attacks
  • Protocols Attacks 
There has been a significant increase in DDOS attacks over the past few years, most importantly the year 2020 in which the covid-19 pandemic provided adversaries an opportunity to hit almost every business / Industry. As per Kaspersky DDOS attacks report Q1 2020, there has been a significant increase in both the quantity and quality of DDoS attacks. The number of attacks doubled against the previous report and by 80% against Q1 2019. The attacks also became longer. A rise in both the average and maximum duration was observed. The first quarter of every year sees a certain spike in DDoS activity.
DDoS attacks in Q1 2020 | Securelist

Source: Kaspersky

 

4. Remote Worker Endpoint Security

Due to Covid-19, the sudden shift to Work From Home for many organizations was overwhelming. As per Fortinet 2020 Remote Workforce Cybersecurity report, 60% of the organizations reported cybersecurity breach attempts during work from home transition while 34% reported an actual breach in their networks. Cybercriminals treated the pandemic as a golden opportunity to exploit systems as most of them did not employ basic endpoint security. SMBs which used VPNs were not enough to support a fully remote workforce which led to data breaches 

5. Insider Threats

Picture Credits: Csaba Gyulai

Insider threat is a security risk that initiates from within an organization. The threat actors range from current or former disgruntled employees, consultants, contractors, or advisors in an organization. A study conducted by Ponemon Institute shows that the average cost across the globe related to insider threats rose by 31% in two years to $11.45 million and the frequency of incidents spiked by 47% during the same period of time.  An insider threat is categorized into the following types 
  • Turn cloak: A malicious user that intentionally leaks sensitive information /credentials for personal or financial incentives
  • Careless Insider: An organization employee who accidentally exposes the system to outside threats e.g an employee might accidentally click on a malicious link  leading to the installation of malware and compromising the organization infrastructure 
  • Mole: An imposter who is an outsider but manages to get access to the inside network by gaining access to a privileged network.

6. Malware Attacks

malware danger virus hacker hacking malware

Picture Credits: Era Innovator

Malware is a diverse term for malicious code that adversaries/hackers use to gain access to systems, networks, and sensitive data. The sole purpose of malware is to steal data, destroy data, and gain unauthorized access to systems by planting backdoors. Common sources of malware infections are via malicious websites, downloading of malicious software or by connecting to infected systems, networks or websites, etc. 

7. Shortage of Cybersecurity Professionals

One of the noticeable challenges faced by SMBs is the shortage of cybersecurity talent. According to a survey conducted by a global non-profit pointed out that due to Covid-19 pandemic cybersecurity attacks increased by 63%.
“We are outnumbered—the people that are doing bad things, whether it’s a nation-state type of activity or cybercrime—the good guys and gals were vastly outnumbered prior to the pandemic,” says David Shearer, CEO of (ISC)2. 

8. Cloud Security

The adaptability and scalability that the cloud offers makes this technology all the more convincing to SMBs.SMBs have migrated their infrastructure to the cloud as it is less expensive as compared to in-house IT infrastructure. Currently, almost all SMBs use the cloud in some way. According to the Checkpoint 2020, Cloud security report the top cloud security challenges highlighted are data loss/leakage, data privacy/confidentiality and accidental exposure of credentials and incident response.
Checkpoint Cloud Security Concerns

Source: Checkpoint 2020 Cloud Security Report

While the top cloud threats include misconfiguration of the cloud platform, unauthorized access, insecure interfaces/APIs
Cloud Threats

Source: Check Point Cloud Security Report 2020

9. IoT (Internet of Things)

IOTs are a large number of devices interconnected that have the capability to interact with the physical world. Cybercriminals are constantly searching for vulnerabilities in order to steal sensitive data, compromise systems and gain unauthorized access to remote systems. Currently there are almost  23 billion IoT-connected devices connected around the world/As per a survey IOT will compromise 41.6 billion by 2025. IoT devices are prone to various attacks such as hardware hacking, DOS attacks, Signal Jamming, Spoofing, reply attacks. SMBs relatively lack in patching up vulnerabilities in the IoT devices and end up getting compromising their infrastructure

10. BYOD

men sitting in front of their laptop computer

Picture Credits: Annie Spratt

BYOD ( Bring Your Own Device ) is a concept where the organizations do not allow their employees to use company laptops Desktops or cell phones rather they enforce the users to bring their own personal devices. The employees connect to the company’s network, download data, in short their devices interact with the organization’s network. BYOD concept becomes a liability for organizations because 85% of the mobile devices and personal laptops do not have adequate security protection controls which lead to various cybersecurity attacks for the SMBs.Most of the SMBs don’t consider this as a threat until they have become a victim of large data breaches.  If you have questions or need help with any of the challenges, then CyberBatman can take care of your organization’s security posture and will ensure that your business remains protected against evolving and advanced security threats. Avoid your company from being the next target of Cyber Criminals, Contact CyberBatman