When a small business owner is faced with the responsibilities of production economics, financial reports and marketing all at the same time, cybersecurity can often appear complicated and, at times, unnecessary. However, this disregard for IT security is being exploited by cybercriminals. Kaspersky researchers assessed the dynamics of attacks on small and medium-sized businesses between January and March 2022 and the same period in 2021 to identify which threats pose an increasing danger to entrepreneurs.
In 2021, small businesses were three times more likely to fall victim to fraudsters than larger companies. The average loss from a single cyberattack has exploded from $34,000 to just under $200,000. In addition to financial hits, these companies have had to shoulder legal fees, compliance penalties, reputational damage and the loss of customers. These are setbacks that many small businesses are unable recover from.
To prevent such losses, business owners need to take better care of their business’s online security. A company’s cybersecurity begins first and foremost with its employees. According to public reports, the average employee has access to over 11 million files. The information that they have access to can vary from financial information or customer data to the secrets of their company's development. Cybercriminals are aware of this, which is why most attacks on companies are conducted through its employees, who are often untrained in the cyber-risks associated with their role.
Kaspersky researchers have collected data on the most frequent attacks faced by small and medium-sized businesses around the world and found that the total number of attacks between January-March 2022 has increased significantly compared to the previous year. In 2022, the number of Trojan-PSW (Password Stealing Ware) detections increased by almost a quarter compared to the same period in 2021 一 4,003,323 compared to 3,029,903. Trojan-PSW is a malware that steals passwords, along with other account information, which then allows attackers to gain access to the corporate network and steal sensitive information.
TOP 5 countries with the highest growth in Trojan-PSW attacks in thefirst quarter of 2022 in the comparison with the same period in 2021
Anotherpopular attack tool used on small businesses is Internet attacks, specifically, web pages with redirects toexploits, sites containing exploits and other malicious programs, botnetC&C centers, etc. The number of these attacks also increased in the firstquarter of 2022. In comparison to 32,500,000 infections in 2021, Kasperskyresearchers detected almost 35,400,000 in the first three months of 2022. Indonesia, the United States, Peruand Egypt were hit particularly hardby web malware with the number of attacks in those countries increasing severaltimes over the past year.
With the shifttowards remote working, many companies have introduced the Remote Desktop Protocol (RDP), a technology that enables computerson the same corporate network to be linked together and accessed remotely, evenwhen the employees are at home. It isn’t an unusual technology anymore as havingremote workers has become the new norm for many businesses. But this puts the securityof their devices and the corporate systems of a business in danger, as RDP is ofparticular interest to cybercriminals. With RDP in place, if the attacker gainsaccess to the corporate network, they can then conduct fraud on any of the business’scomputers that have been linked. The overall number of attacks on RDP hasdecreased slightly, but not in all countries. For example, in the firstquarter of 2021 there were about 47.5 million attacks in the U.S., whereas forthe same period in 2022 the number had risen to 51 million.
TOP 5 countries attacked through RDP between January and March 2022
To avoidsuch attacks, companies’ leaders need to improve the cybersecurity of their company,starting with one person in particular - the IT specialist. Advanced securityservices can provide built-in training to keep IT specialists up to date withthe latest cyberthreats. Through training and education, business owners can turnthem into sought-after cybersecurity specialists who are able to analyze howthreats may hit their particular organization and adapt technical andorganizational cybersecurity measures accordingly. This will help businessesavoid additional costs related to breaches of their corporate systems.
Kaspersky experts advise getting an advancedsecurity product to provide incident analysis. Many organizations don’t haveany plan in place to mitigate a breach of their organization, let alone thenecessary protection to prevent an infringement in the first place. This isparticularly true if a threat infiltrates their system and goes undetected –which is entirely possible if network monitoring and automated threat detectionmechanisms aren't in place.
Having a special security solution enablesattack visualization and provides IT administrators with a convenient tool forincident analysis. The faster they can analyze where and how a leak occurred,the better they will be able to solve any negative consequences. The new edition of KasperskyEndpoint Security Cloud, dubbed KasperskyEndpoint Security Cloud Pro, contains advanced newcapabilities, including automated response options and an extended set ofsecurity controls in a single solution.The Pro version also includes built-in training for IT workers seeking to boosttheir cybersecurity skills and make the most out of their specialized securityproducts.
Even smallbusinesses with limited IT resources still need to protect all their workingdevices, including computers and mobile phones, from cyberthreats. The updated Kaspersky Small Office Security is a key tool for startups, smallonline-stores and local businesses to keep all of their work devices protected,safely transfer any valuable business-related files and avoid falling victim toransomware.
“With the shift to remote working and the introduction of numerousadvanced technologies in the daily operations of even small companies, securitymeasures need to evolve to support these sophisticated setups. Cybercriminalsare already way ahead of the curve, so much so that virtually everyorganization will experience a breach attempt at some point. For smallcompanies today, it's not a matter of whether a cybersecurity incident willhappen but when. Having trained staff and an educated IT-specialist is no longera luxury but a must-have part of your business development,” comments Denis Parinov, securityresearcher at Kaspersky.
To protect your business, Kasperskyrecommends:
● Providing your staff with basic cybersecurity hygiene training asmany targeted attacks start with phishing or other social engineeringtechniques.
●Usinga protection solution for endpoints and mail servers with anti-phishingcapabilities to decrease the chance of infection through phishing emails.
● Takingkey data protection measures. Always safeguard corporate data and devices,including by using password protection, encrypting work devices and ensuringdata is backed up.
●Keepingwork devices physically safe – do not leave them unattended in public, alwayslock them and use strong passwords and encryption software.