Ransomware attacks generate big headlines when the targets are government entities, universities and healthcare organizations. But there’s one increasingly frequent target of ransomware attacks that tends to slip under the radar. Small and midsize businesses (SMBs) have become bigger financial targets for hackers. Webroot™ Senior Threat Researcher Kelvin Murray points out that the SMB sector has become a cash cow for cybercriminals. According to Murray, there are more SMB targets than criminals have time to target, mostly due to inadequate security among SMBs.
It’s also become far easier for anyone with malign intentions but lacking coding skills to launch attacks. Murray cites the availability of ransomware kits on the dark web that anyone can download and figure out how to launch. Going by the name Ransomware as a Service, these kits reduce the sophistication required for perpetrators to target SMBs and collect hefty ransom payments.
Business email compromise (BEC) is also on the rise. In BEC attacks the perpetrator, pretending to be a colleague or vendor, contacts you under the pretense of requesting payment or disbursement for a seemingly legitimate business purpose. Businesses easily fall for these scams because, with so many invoices and payments occurring on a daily basis, it’s easy to slip a fake one in.
All of this malicious activity points to the need for a layered approach to cybersecurity. This includes essential security measures like firewalls, endpoint protection and DNS protection. And, since even firewalls can be circumvented, it means keeping backups of all business data so you never have to pay a ransom to get your data back.
Attacks like BEC are less about malware and more about manipulating people. This is why security awareness training with phishing simulations are increasingly important. Murray emphasizes that security awareness training is necessary due to the increasing popularity of remote working. While the corporate office is usually equipped with firewalls, DNS protection, corporate logins and security guards at the front door, now that everybody's working from home, all of those things are absent. In their place you have faulty routers, dodgy setups, people sharing houses with other people and maybe even sharing PCs.