Here are the latest cybersecurity threats we’ve identified so far throughout 2020 specifically targeting small to medium sized businesses who generally have poorer cybersecurity in place.
Australian businesses of all sizes have recently seen an increase of cyber attacks as they make a transition into moving their day-to-day operations online and working from home.
In fact, according to a report published in 2016 by Symantec, 43 percent of all cyber-attacks are geared towards small and medium sized businesses. Since 2011, this number had increased by 18 percent.
These cyber threats are not only frustrating businesses in their daily operations but they are also costing thousands of dollars to detect, recover and repair. With less sources to combat these types of attacks, small to medium size enterprises are more vulnerable and have become the easiest targets. SMBs are the low hanging fruit for hackers.
1. Phishing: Broad & Spear
Phishing is simply fake emails with malicious links or software attached. They have been around since the internet was invented and given the way we communicate in business using email makes them very difficult to eradicate completely using traditional spam filters.
There are two types of phishing: broad and spear. Whilst broad phishing is easy to identify as it’s a generic email sent in bulk to thousands (if not millions) of email addresses, it’s spear phishing that can be most dangerous.
This is because spear phishing is highly targeted to an individual and often uses personal information or business specifics in the email making look more authentic.
For example, the email is correctly addressed to a specific person in the company (accounts lady) and appears to be from a known supplier, and is requesting urgent payment of an invoice.
While this is an old school type of fraud that traditionally was performed via pen and paper (ie; Catch Me If You Can movie style), it has made a strong resurgence in the online world given it’s simplicity and versatility when using digital devices.
2. Supply Chain Attacks
Often called “Secondary Targeting,” supply chain attacks have recently become a favourite tactic for cyber criminals.
This attack involves hacking the weakest link in your supply chain, ie; instead of hacking a large pharmaceutical company with great cybersecurity, they target the small chemist franchise with poor cybersecurity, because it connects to the pharmaceutical company’s network for ordering supplies.
The reason behind the popularity of this attack is because once inside the supply chain the hackers can move from business to business accessing not only company files but customer database information such as credit cards details, email addresses, etc which can be sold for a profit on the Dark Web.
This type of cyber-attack is gain traction fast because so many supply chains are tightly integrated and digitally connect such that hacking one link in the chain almost always hacks them all.
3. Bitcoin Mining
Cryptojacking is the unauthorised use of computers to mine cryptocurrency, eg; Bitcoin, Ethereum, etc.
Essentially the hacker is using your computer to run their software to mine for (create) Bitcoins. This will slow down your computer and use it’s resources (memory, hard drive space, etc).
Given that creating Bitcoins takes immense computing power and electricity that costs money it’s a way for hackers to get these resources for free. They simply hack your computer and run their software in the background whilst you go about your workday.
Most cryptojacking attacks start with a phishing email the user clicks on that installs the software silently on their machine. Whenever that machine is running so it the Bitcoin mining software.
This cyber threats is one of the least discussed, but one that can take a very long time to identify. So it’s important to train your staff to identify phishing emails in the first place to help avoid this type of attack being successful.
4. Ransomware 2.0
If you thought people were the only ones prone to kidnapping, you were wrong!
Ransomware is a newer type of threat, where the hacker gains unauthorised access to your business data, locks all the files by encrypting them and then demands a ransom from the you to unlock the files. Essentially your business is completely shutdown.
While some businesses simply go to the authorities with this information, around 50% of businesses end up paying the ransom. Cyber attackers can ask for amounts from $5,000 up to $10M per attack, making it difficult for small to medium-sized companies to recover for such an expense.
Many IT admins wrongly assume that having a robust backup strategy will save the business from this type of attack. This only works if the ransomware attack just encrypts your files.
However hackers are getting smarter. Now they will first take a copy of your data files before locking them up with encryption. This way should you not pay the ransom they will threaten to post all your data on the public internet via Twitter links for your customers, suppliers, competitors and the government to see.
Given the risk of government fines, customer lawsuits and trade secrets being lost to competitors, many small businesses simply pay up. So backup doesn’t help much anymore with solving ransomware attacks.
Ransomware is a huge industry now and very successful for hackers. In fact, they even have call centres and 1800 numbers to call when making your ransomware payment to ensure “a great customer experience”. The call centre operators even thank you for doing business!
These 4 threats to SMBs are the most common we’ve seen in 2020 and create the most damage.
Hackers target small businesses because they are low hanging fruit – large companies take cybersecurity seriously making them more difficult to hack. This means hackers search for easier targets and the lowest hanging fruit which is SMBs and the reason why over 40% of attacks are focused on them.