By Mac McKee – Red Sky Alliance (photo by protonmail)
There is a common misconception among small and midsize businesses (SMBs) that hackers target only large organizations. Unfortunately, this belief is completely inaccurate. According to the most recent Verizon Data Breach Investigations Report, more than 70 percent of cyberattacks target small businesses. Additionally, many attacks are now shifting to target managed service providers (MSPs), specifically because breaching an MSP can give hackers access to its entire SMB customer base.
Why Are Hackers Targeting SMBs?
Hackers target SMBs because it is easy money. First, the smaller the business is, the less likely it is to have adequate cyber defenses. Moreover, even larger SMBs typically do not have the budgets or resources for dedicated security teams or intrusion prevention. On top of that, smaller businesses often lack measures like strong security policies and cybersecurity education programs for end users, so common vulnerabilities like poorly trained users, weak passwords, lax email security and out-of-date applications make SMBs prime targets.
Which Business Types Are in the Crosshairs?
Realistically speaking, most businesses face similar amounts of risk. However, hackers target some industries more often, such as finance or healthcare. Here are some of the business types that are currently topping hacking hit lists.
- Managed service providers: MSPs hold a great deal of valuable data for multiple customers across industries, which makes them desirable targets. Hackers use a technique known as “island hopping,” in which they jump from one business to another via stolen login credentials. MSPs and their SMB customers are both potential targets of these attacks.
- Healthcare organizations: Hospitals, physical therapy offices, pediatricians, chiropractors, and other healthcare practices are easy targets for cybercrime because they can have such chaotic day-to-day operations and often lack solid security practices. In addition, medical data and research can extremely valuable. Patient records alone can sell for thousands of dollars or more on the dark web.
- Government agencies: There are many reasons that cybercriminals, particularly nation-state terrorists, might target local, state or national governments. In particular, small governments and local agencies generate troves of sensitive information, while large governments can be victims of nationwide disruption, either for financial gain or sheer destruction.
- Financial institutions: You probably are not surprised by this list item. Banks, credit unions and other financial institutions have long been targets for hackers due to a wealth of data and money. In 2018, over 25% of malware attacks targeted banks - more than any other industry.
- Celebrities, politicians, and high-profile brands: Hacktivists–who are usually politically, economically, or socially motivated, like to seek out politicians, celebrities, and other prominent organizations as targets. They may even attempt to embarrass public figures or businesses by stealing and disseminating sensitive, proprietary, or classified data to cause public disruption, or for private financial gain via blackmail.
What Are Your Next Steps?
The only real requirement for becoming a hacking target is having something that hackers want, which means all businesses are at risk. Luckily, a few relatively straightforward tips can go a long way in keeping your business secure.
- All data in transmission and at rest should be encrypted.
- Proper data back-up and off-site storage policies should be adopted and followed.
- Update disaster recovery plans and emergency procedures with cyber threat recovery procedures.
- Institute cyber threat and phishing training for all employees, with testing and updating.
- Recommend/require cyber security software, services and devices to be used by all at home working employees and consultants.
- Review and update your cyber threat and information security policies and procedures. Make them a part of all emergency planning and training.
- Ensure that all software updates and patches are installed immediately.
- Check your insurance coverage for cyber breach and ransomware protection.
Lock down your business first
The right security layers can protect you from threats on all sides. There are plenty of guides available online in the form of articles, videos, webinars, etc. that are designed to help businesses stay safe from cybercrime. Additionally, services from Red Sky Alliance, bundled with Cysurance’s cyber insurance coverage can effectively mitigate threats altogether.
Red Sky Alliance strongly recommends ongoing monitoring from both internal and external perspectives. Internal monitoring is common practice. However, external threats are often overlooked and can represent an early warning of impending attacks. Red Sky Alliance can provide both internal monitoring in tandem with RedXray notifications on external threats to include, botnet activity, public data breaches, phishing, fraud, and general targeting. Red Sky Alliance is in New Boston, NH USA. We are a Cyber Threat Analysis and Intelligence Service organization. For questions, comments or assistance, please contact the lab directly at 1-844-492-7225, or feedback@wapacklabs.com
Reporting: https://www.redskyalliance.org/
Website: https://www.wapacklabs.com/
LinkedIn: https://www.linkedin.com/company/wapacklabs/
Twitter: https://twitter.com/wapacklabs?lang=en
Comments