If you still believe that small and midsized businesses are less at risk for cyber attack than their enterprise counterparts, you need to read this. A recent Cisco report notes that 53 percent of mid-market companies have experienced a security breach. Think about that: More than one out of every two companies have fallen victim to cyber attack. If that doesn’t scare you, this will: Twenty percent of those companies estimate the resulting financial damage somewhere between $1 and $2.5 million. Could your organization withstand a financial blow of that magnitude? If you’re like many, the answer is no. So what’s the SMB to do? Just as attackers continue to expand their tactics, so too must businesses adapt their security response. This blog will explore the most common security threats to help you better understand today’s ever changing threat landscape.
Phishing Gets Social:
Glaring typos, bad grammar, questionable link destinations—Gone are the days when a simple once-over would tell you if you were looking at a phishing email. In recent years, attackers have expanded their toolbox with tactics that are harder to spot. One of the most effective tools in the attacker’s arsenal is social engineering. Scouring blogs, social media, and other publicly-available information, attackers are using outside intelligence to help them create a more believable impersonation. One of the most effective takes on this strategy paints the attacker as a high-ranking colleague or boss. Complete with a spoofed sender name, the attacker emails a lower level employee with a message designed to create urgency and stress. Think: “… I need this handled immediately.” You can imagine what happens next. So can attackers, and that’s why they’re increasingly turning to social engineering as a way to get inside your network.
Ransomware Thinks Small:
Think you’re not vulnerable to ransomware because you’re a small business? Think again. Or better yet, think like an attacker: You could focus your efforts on one large enterprise, where you’d have to penetrate a well-protected network and hope that management agrees to pay. Or, you could distribute your efforts across several smaller, less-protected organizations. With easier entry and multiple decision makers, you’d probably improve your chances of someone paying up, right? Put in this context, it’s not surprising that small and midsize organizations are increasingly becoming the target of ransomware attacks.
Malware Lives On:
Malware is evolving and most SMBs are ill-equipped to respond to it. Today’s advanced persistent threats seek to gain access to one’s network, and once there, actively work to expand their permissions through a variety of processes designed to strengthen access and cover their tracks. What’s more? These threats often nest themselves within an organization’s backup files. What does that mean? When the breach is discovered and the organization reverts to a previous state, the malware is still there.
How should you respond to these threats? Put yourself in the best possible position. Contact our team of IT security consultants and schedule a vulnerability assessment today.