Hackers have plenty of impetus for targeting large enterprises, especially government agencies, financial institutions and health care organizations. Even large entertainment firms such as Sony Pictures, retailers like Target and telecommunications companies including TalkTalk have been exploited by cyber criminals.
That said, the highest valued companies are not the easiest targets, especially since there are relatively few of them compared to the amount of small and medium-sized businesses. Hackers on the prowl will follow any and all leads to a quick payday. Often, this means firing into the crowd, so to speak.
Cyber criminals will have better success going after a larger number of targets than trying to orchestrate advanced targeted attacks against one bigwig organization. Even as cyber criminals continue to become more ambitious, in all likelihood, cyber attackers will continue to go after smaller businesses in 2016. For this reason, it’s worth reviewing some of the biggest cyber threats currently facing SMBs.
Distributed denial of service attacks represent a huge cyber threat to any business, but especially to SMBs that can only afford limited bandwidth. As hinted at in the name, the purpose of a DDoS attack is to shut down a server, thereby blocking user access to specific Web services or applications. This is accomplished by flooding network intrastate with meaningless traffic. Hence the name, the heavy distribution of requests results in a network crash.
There are countless motives for orchestrating a DDoS attack. For example, it may be executed in an attempt to shut down specific security services, so as to orchestrate a more serious, supplementary attack. However, more often than not, the goal is extortion. Hackers will flood a network, and will send ransom notes to the company stating that they won’t ease up until a certain amount of money has been paid to them. This is precisely what happened to ProtonMail in late 2015. Cyber attackers shut down the company’s central data center, and then requested a ransom of 15 Bitcoins, the rough equivalent of $6,000. In response to pressure from third parties, ProtonMail paid the ransom. However, the cyber criminals did not ease up.
The first main takeaway here is that DDoS attacks remain a significant threat to all organizations, but especially companies that offer Web-based services, and in particular, SMBs that might not have significant bandwidth. The second lesson from the incident is that any SMB that falls prey to an attack should not pay a ransom. Recovery will be time consuming, and will most likely impact revenue. However, paying cyber criminals a ransom only for them to continue the attack will result in even more lost money. When it comes to prevention, network vigilance is key. Any early signs of an impending DDoS attack may make it possible to mitigate the effects. Laying out a smart network infrastructure that can evenly distribute barrage of traffic may also alleviate some of the strain.
Striking the point of sale
Point-of-sale malware is not a new cyber threat, but it’s one that has become especially prominent in the past few years. According to Trend Micro, SMBs were hit particularly hard in 2015, having accounted for 45 percent of all scenarios involving POS malware. Everything from restaurants to boutiques to small service providers are heavily targeted, mainly because cyber security is not quite as strong for these companies. Not to mention, smart, sneaky new strains of POS malware are always being created.
For example, Trend Micro researchers recently discovered a form of malware that seeks out POS systems in a network. Dubbed “Black Atlas,” the malware does not appear to target specific companies in any particular industry. However, SMBs are the most likely to be affected.
Other POS threats come in the form of skimmers. These are basically rigged payment processing units that are designed to collect card information, which is then sold on the Dark Web. Part of the reason this is such a big problem for SMBs is because smaller businesses are more likely to purchase less-expensive, poorly vetted card payment systems. Some of these are actually pre-configured with skimmers. In fact, Trend Micro noted that in China, cyber criminals can actually receive text messages every time a skimmer successfully plunders payment information.
In order to avoid being snagged by a POS malware scam, SMBs are encouraged to always purchase verified, well-known payment processing systems. This will significantly reduce the threat of skimmers. Defending against POS malware is slightly more complicated as strains continue to become more elaborate, and generally more difficult to detect. There have been several cases in the past few months of hotel chains having customer payment information stolen as a direct result of POS malware.
The good news, however, is that the use of EMV chip technology significantly reduces the chances of payment information being pilfered. Rather than using the same code for every transaction – as magnetic stripes do – these chips generate a single-use script for each purchase, so that even if hackers to manage to collect this information, it is essentially useless.
Therefore, SMBs are encouraged to make the shift to EMV card processing systems as soon as possible, especially considering that as of October 2015, liability for stolen payment data shifted to merchants. Any business that does not have EMV card reading technology, and is hacked, can therefore be held accountable for the ensuing damages. Many small businesses can hardly afford to become the victim of a POS malware ploy, let along cover subsequent legal damages.
Phishing scams will always be a problem for companies of all sizes. As long as corporations continue to fall for these ploys, hackers will work tirelessly to bring down their targets, which include SMBs. Much like DDoS attacks, modern phishing scams often take the extortion angle. One of the most prominent, recent examples is the notorious CryptoLocker strain. There are various forms of encryption malware, and many of them start off as phishing scams.
Other phishing ploys might target social media portals, so as to take control of an account. For an SMB that relies on its Web presence to drive traffic to brick-and-mortar locations – for example, a restaurant, bar or mechanic shop – a hacked company Facebook page isn’t exactly choice marketing. Regardless of the targeted medium, a phishing scam can cause serious productivity setbacks for SMBs.
When it comes to securing against phishing scams and cyber threats in general, employee vigilance is hugely important. Granted, even this won’t always be enough to prevent a business from becoming the victim of a cyber attack. For the real tricky threats, SMBs will have to rely on threat protection.