A gap exists between the current threat landscape for SMBs and their awareness of the threats in it. A total of 14 million SMBs were victims of cyberattacks in 2016, but only 2 percent of these organizations listed cybersecurity as a critical issue. And only 37 percent of those who responded to Webroot’s 2015 SMB Threat Report felt completely ready to protect against threats. SMBs know the need is there, but there is no urgency, so cybersecurity often falls to the bottom of a long list of concerns that require immediate action.
- Malware: Software intended to damage your IT systems. It spreads quickly and can upload sensitive data to a remote server controlled by criminals. Other types, like ransomware, deny access to data until a fee is paid, usually in the form of digital currency. The fee required is per infected machine, so SMBs with multiple compromised computers may pay the ransom multiple times, and paying the required amount doesn’t guarantee data will be released.
- Social engineering: These attacks trick users into sharing data by playing on human nature and emotion. They primarily take the form of phishing. For instance, when an unsuspecting user clicks a malicious link in an email, they are directed to a website to enter log-in credentials. The site is spoofed, which means it looks legitimate but resides on a compromised server. Other forms of social engineering include baiting, in which something tangible (like a free music or video download) is offered to get users to provide credential information, and quid pro quo, in which a benefit is promised in exchange for credentials. Quid pro quo differs from baiting because it’s a service that’s promised, not a tangible item like a download.
- Malvertising: Pop-up advertising that contains malicious code is called malvertising. If a user clicks anywhere in an infected ad, including on the X to close the pop-up, the computer can be infected. Some types of malvertising may lead to a page containing harmful code that downloads to the computer and executes automatically when the user lands on the page.
- DDoS attacks: These attacks send so much traffic to your network or your website that it is overwhelmed and shuts down. SMBs are increasingly targeted in DDoS attacks because they’re poorly secured, making it easier to bring down a network and gain access to sensitive information, which is then used to infiltrate other systems, to blackmail the company, or for industrial espionage.
- Unsafe and reused passwords: Passwords are a bigger risk than most SMBs realize. Users are frustrated with password requirements and the number of passwords they must manage. As a result, 90 percent of those users create passwords that are crackable within 6 hours. But that’s only half the problem. Sixty-one percent of users are also willing to share work passwords with other users. The problem with both of these practices is that, once exposed, passwords may grant wide access to IT infrastructure and sensitive data.
- Lost devices: Lost devices often contain sensitive information, including corporate log-ins, network access, and even corporate data that can be used to undercut the business or to steal corporate secrets for espionage or blackmail. Often, SMBs don’t require mobile devices to be password protected and don’t use tools that can remotely remove sensitive data or lock down applications on the device. Without some type of mobile device management, these organizations are at risk from every device that connects to their network.
- Broad access for contractors and guests: SMBs often grant broad network access to their vendors and site guests, and this access is not monitored. These users may not be trustworthy, and once access is gained, they can plant malicious software or create back doors into your network. SMBs should limit access to the minimum those vendors and guests need to perform their stated function.