Cyber Criminals’ Soft Target – Small and Medium businesses

Network cyber solution

With evolving technology, the world is witnessing tremendous rise in cyber crime cases as well. According to a recent statistic from Symantec, in 2016, 60% of the reported cyber-attacks were targeted at small businesses.

Cybersecurity is clearly a concern that the entire business community shares, but it represents an especially harmful (pernicious) threat to smaller businesses. As the report from US Securities and Exchanges Commission quotes” The reason is simple: Small and midsize businesses are not just targets of cybercrime; they are its principal target.”

The attack incidents increased from 2015 onwards as hackers begin to shift their focus from big corporates to small and medium businesses. They started to take advantage of the vulnerability of small businesses in cyber security protection and seek for “quick money” mainly through credit card information.

 

Small or Medium businesses with, typically do not emphasis on having adequate budget to cover cybersecurity for IT network. Moreover, a survey published by Manta in April 2017 shows 87% of small business owners don’t feel that they can be a target of cyber-attacks, and thus do not invest in cyber protection. This is a big loophole that hackers have started to take advantage of and more often than not, businesses end-up paying way more to attackers such as ransomware to retrieve affected business data.

 

Type of Attacks

 

There are eight common form of cyber-attacks:

  1. Malware,
  2. Phishing,
  3. Password Attacks,
  4. DoS Attack,
  5. MITM,
  6. Driven-by Downloads,
  7. Malvertising, and
  8. Rouge Software.

 

According to the statistics released by Symantec in 2016, more than half (52.4%) of spear phishing attacks was carried out using fake emails. And the most hazardous of them all, ransomware “WanaCry”, is widely spread by phishing email or links.

 

Risks

There are two types of risks for the business:

  1. Data Loss
  2. Data Breach.

 

Since 2015, Ransomware is one of the major methods of cyber-attacks.

Ransomware encrypts and locks all the files in affected PCs and Servers with a password. To unlock the files, the password must be purchased from the attackers, typically within a deadline of 72 hours. If the deadline is missed, the virus claims to permanently deletes all the files. This is a particularly dangerous form of virus as the attack as the loss to business goes beyond the ransom payment. Businesses lose countless operations hours and more importantly trust amongst stakeholders including clients. These attacks often result in loss of client-base due to tarnished reputation.

Data Breach is as harmful to business as the ransomware: Since 2013, over nine billion records have been lost, stolen or compromised. Gemalto has discovered 1,901,866,611 compromised data records in just the first half of 2017. In fact, IDC predicts that by 2020, more than 1.5 billion people, or roughly a quarter of the world’s population, will be affected by data breaches.

 

Hackers access personal and confidential information such as the credit card information and sell them to frauds, or use the identity to apply for credit cards.

Solutions

 

The first and arguably the most important step of cybersecurity measure for small businesses is to recognize that they are under risk. Secondly, having a cybersecurity plan in plan doesn’t mean that businesses need to make a huge investment. There are basic safety standards that need to be in place, most of which is fairly reachable from financial stand-point for businesses of all sizes.

 

  • A basic rule is to never open unknown links and files no matter who send you. Thus, no phishing emails and links or hidden virus can affect your PC or network.

 

  • Most of the cyber-attacks can be prevented easily by proper firewall, anti-virus and spam filters. As network professionals, Network Repairs recommend our Anti-Virus subscription with AV-Defender (powered by bit-Defender) and Kaspersky, and Barracuda Email Spam filter. With total of less than $5 per user per month, you will able to block 99% of the threads before they can reach you.

 

  • Going to Cloud may also provide better protection: choose an appropriate cloud service plan such as Network Repairs Exchange Online or Cloud Server Packages which can provide you additional protection for your local server
  • Managed IT Services is also a good solution at an affordable budget. It is crucial to have skilled professionals monitor your files and network. Network Repairs offers Managed IT services with 24/7 monitoring and reporting for backup and virus.

 

  • And most important: a proper backup plan with at least 90 days of data is a MUST! As Murphy’s Law, whatever worst will eventually happen. It is very true as several of our clients have had protection from us against Ransomware or other virus attacks since 2016. In the event of an attack, backup is they only way to save yourself—we are able to restore your server and files within 15 minutes if you have a proper backup virtual server kept in safe environment.