Top cyberthreats to small business

When it comes to information security, don’t think that cyber-attackers are on a constant quest for big fortunes or tabloid notoriety. Statistics show that more than 60% of all small and medium enterprises (SMEs) experienced cyber-attacks over the course of 2022.
Cyber-attacks can cause businesses to lose confidential information, finances, valuable market share and more. Kaspersky experts have analysed vulnerable points SMEs might have and outlined some major cyberthreats for entrepreneurs to be aware of.
1. Data leaks caused by employees: There are different ways a company’s data may be leaked — and, in certain cases, it might happen involuntarily.
During the pandemic, many remote workers used corporate computers for entertainment purposes, such as playing online games, watching movies, or used e-learning platforms — something that continues to pose security threats to organisations.
The level of cybersecurity since the initial adoption of remote work by organisations en masse has improved. Nevertheless, corporate computers used for entertainment purposes remain one of the most important ways to get initial access to a company’s network.
Looking for alternative sources to download an episode of a show or a newly released film, users encounter various types of malware, including Trojans, spyware and backdoors, as well as adware. According to Kaspersky statistics, 35% of users who faced threats under the guise of streaming platforms were affected by Trojans.
If such malware ends up on a corporate computer, attackers could even penetrate the corporate network and search for and steal sensitive information, including both business development secrets and employees’ personal data.
Also, there’s a tendency to blame ex-workers for possible data leaks. Only half of the leaders of recently surveyed organisations are confident that ex-employees don’t have access to company data stored in cloud services or can’t use corporate accounts.
And even if you’re absolutely certain you parted ways on good terms with everyone, that doesn’t mean you’re out of the woods. Who can guarantee they didn’t use a weak or non-unique password to access work systems, which attackers could brute-force uncover or come across in an unrelated leak?
2. DDoS attacks: Distributed network attacks are often referred to as distributed denial of service (DDoS) attacks. This type of attack takes advantage of the specific capacity limits that apply to any network resources — such as the infrastructure that enables a company’s website.
The DDoS attack will send multiple requests to the attacked web resource — with the aim of exceeding the website’s capacity to handle multiple requests, and prevent the website from functioning correctly.
Attackers resort to different sources to perform acts on organisations such as banks, media assets or retailers — all frequently affected by DDoS attacks. Moreover, DDoS attacks on online retailers tend to spike during holiday seasons, when their customers are most active.
There’s also a growing trend towards gaming companies gaining scale. The North American data centres of Final Fantasy 14 were attacked in early August last year. Players experienced connection, login and data-sharing issues. Blizzard’s multiplayer games — Call of Duty, World of Warcraft, Overwatch, Hearthstone and Diablo: Immortal — were also DDoSed yet again.
Something to note is that many DDoS attacks go unreported, because the payout amounts are often not terribly big.
3. Supply chain: Being attacked through a supply chain typically means a service or program you have used for some time has become malicious. These are attacks delivered through the company’s vendors or suppliers — the examples can include financial institutions, logistics partners, or even a food delivery service. Such actions may vary in complexity or destructiveness.
4. Malware: You can encounter malicious files everywhere: if you download illegitimate files, make sure they do not harm you. The most emerging threats are the encryptors that chase a company’s data, money, or even personal information of its owners.
More than a quarter of SMEs still opt for pirated or unlicensed software to cut costs. Such software may include some malicious or unwanted files that may exploit corporate computers and networks.
Additionally, business owners must be aware of access brokers as such layers of groups will cause SMEs harm in a variety of ways in 2023. Their illegal-access customers include cryptojacking clients, banking password stealers, ransomware, cookie stealers, and other problematic malware.
5. Social engineering: Since the onset of the Covid-19 pandemic, many companies have moved much of their workflows online and learned to use new collaboration tools. In particular, Microsoft’s Office 365 suite has seen a lot more use — and, to no one’s surprise, phishing now increasingly targets those user accounts. Scammers have been resorting to all sorts of tricks to get business users to enter their passwords on a website made to look like Microsoft’s sign-in page.
We’ve uncovered many new ways how phishing scammers are trying to fool business owners, which sometimes turn out to be quite elaborate. Some are mimicking loan or delivery services by sharing false website links or sending emails with fake accounting documents.
One red flag discovered by Kaspersky experts is a link to a page translated using Google Translate. Attackers use Google Translate to bypass cybersecurity mechanisms. The senders of the email allege that the attachment is some kind of payment document available exclusively to the recipient, which must be studied for a “contract meeting presentation and subsequent payments”.
The Open button link points to a site translated by Google Translate. However, the link leads to a fake site launched by attackers in order to steal money from their victims.
Summing up, cybercriminals will try to reach out to their victims using every way possible — through unlicensed software, phishing websites or emails, breaches in the business’s security network or even via massive DDoS attacks.
However, a recent survey by Kaspersky showed that 41% of SMEs have a crisis prevention plan — thus, do care about cybersecurity and understand how challenging IT security incident remediation can be is a good tendency that hopefully will result in reliable protective measures implemented within these organisations.