Data breaches and stolen information are a regular occurrence in the business world today, with SMBs at almost constant risk of attack. In fact, as mentioned in the 2021 SMB IT security report by Untangle, 43% of cyber-attacks target small businesses, with attacks continuing to increase year by year.
This is causing huge issues for CXO’s who are often left having to deal with the fallout of these attacks, as well as being tasked with finding ways to mitigate against them. In this post, we will be detailing some of the main reasons why SMBs are targeted by hackers and highlighting a simple way CXO’s can combat these online adversaries. Here are the main reasons why SMBs are so attractive to attack:
With many SMBs working with lower budgets than larger conglomerates, they are unable to invest similar amounts of money into their cybersecurity infrastructure. This means that generally speaking, SMBs are far easier to exploit than larger organizations, as the security protocols in place are typically inferior or poorly maintained. SMBs are already incredibly sensitive to the many costs of a cyber-attack, being a prime target on top of that is a recipe for disaster.
Cybersecurity is not a profitable department, and this often results in less priority being given to it, especially within smaller companies. Less priority means less manpower and combined with low investment in security tools you have less coverage as to what’s going on in a network. With weaker network visibility and less eyes on the screen analyzing the network, cybercriminals often bypass security protocols relatively easily in SMBs compared to those that are in place at larger organizations with comfortable budgets to allocate.
With SMBs placing less priority on cybersecurity, IT maintenance is not continuous, and software is not always updated. This can result in SMBs using out-of-date software, older versions of what is available, making them vulnerable to cyber-attacks. The reason for this is that software patches are often released to fix certain vulnerabilities that have been discovered in previous iterations of a program or application. Failure to perform updates means that vulnerabilities are left unfixed, creating easy potential entry points for a hacker.
SMBs are easy money with little risk
The cybersecurity market has proven its worth with respect to the revenue it generates, both in cyber defense and unfortunately in cybercriminal activity as well. Cybercriminals are not looking to work hard for their income and in most cases go for the easiest and safest target that would allow both fast cash and little risk. As the cybercriminal market continues to grow and mature, it creates full-blown businesses with complete and fully featured business models and services. The traditional “cyber gang” you hear about every so often causing damage to big organizations hits the news due to its effect and dramatic story, but the remaining business models available are the ones focusing directly on the SMB market, considering the work is easier and defenses are weaker. For example, the RaaS business model enables even the least experienced cybercriminals to gain software that can infiltrate and compromise an average SMB with ease.
The incentive of “easy money” is exactly the mindset of the average cybercriminal that isn’t looking to attack a national entity like the recent colonial pipeline attack, they simply need to focus on the smaller fish. As reported by Visa, 95% of credit card breaches occur on their smallest customers, showing truly the risk factor SMBs suffer from. Attacking the most vulnerable target is a clear and easy decision for a bad actor. This in turn, maintains a very healthy cybercriminal market and helps it generate cash flow that pays for the purchase of more RaaS software and opportunities when hacking.
SMBs often fail to grasp the security threat as well. According to PrimePay, a study done by the National Retail Federation and First Data Corp. found that 64% of smaller and medium-sized retailers in the U.S. believed their businesses were safe from card data theft. Equally startling, only 49% of them had assessed their cybersecurity protocols to check that they were adequate. This naive approach is precisely why hackers are increasingly targeting SMBs, as they provide an easy way to make quick cash, compared to much larger companies.
Another major problem is that the staff does not always receive adequate cybersecurity training. This increases the risk the company must deal with significantly, as employees prefer to ease their access to systems by using simple and obvious passwords that are effortless to crack.
These passwords are often so predictable, that a simple social media search of the employee can result in a hacker quickly building a wordlist tailored to the individual. They can then use this wordlist to brute force the password by trying all sorts of different combinations in a relatively short amount of time.
Many employees are also prone to being victims of phishing attacks. This is far more likely to occur inside an SMB, as employees are less likely to be able to tell the signs of a phishing attack without the right training. Phishing attacks are one of the most common practices cybercriminals use when attempting to infiltrate an organization. Once an employee responds to a phishing email or clicks on a malicious link, malware can be downloaded, credentials might be stolen and used, and it’s all downhill from there.
SMBs Can’t Afford To Take a Stand
With SMBs struggling to allocate serious amounts of their budgets towards combatting outside intruders, many are left wide open to attacks left, right, and center. This can often lead to smaller companies cutting corners in an attempt to mitigate the number of attacks. However, without a fully fletched solution in place, these measures do relatively little in preventing a cyber-attack.
Ransomware, in particular, can be a huge problem for SMBs, with many unable to properly combat such an attack. This is due to not having competent security protocols in place to combat the malicious software or the funds to pay a ransom. This often leaves SMBs unable to take a stand against such attacks, making them extremely vulnerable. Fortunately, there are ways to combat these criminals that even SMBs can benefit from.
How SMBs Can Protect Themselves Against Cyber Attacks
With SMBs often operating on low budgets, it is necessary to plan smartly in order to properly protect their assets. This means making use of a full cybersecurity solution that covers all areas of a business and its systems.
One such way is to leverage a SOC platform (Security Operations Center). Provided that the SOC you select is equipped with the necessary capabilities to fully secure an organization, an SMB can hold its ground when encountering security difficulties without the need to hire an expensive in-house team. Most often, SOCs offer a full cybersecurity solution, providing proactive detection of incoming threats, security management to help mitigate against these threats, and detection and response services to attacks should they be needed.
SOCs, as mentioned, is an extremely effective way to deal with the risk of cyber threats. However, emphasis should also be placed on providing basic cybersecurity training to staff members to ensure they know how to spot phishing attacks and other techniques of social engineering. Other measures involve regularly updating software to ensure systems are fully up to date with the minimum number of vulnerabilities possible.