A common misconception is that the hackers focus solely on large enterprises and institutions with the sole aim of stealing gigantic amounts of money. It is far from truth, though – according to the recent data, 43% of all attacks were aimed at small and medium businesses. 60% companies whose defenses were broken were forced to close their business in the following 6 months, since they were unable to cope with the cyberattacks’ financial consequences.
Easy targets with minimal security
The main reason for attacking small and medium businesses is that their networks and databases are often less protected – the management tends to be under the impression that the attackers have no reason to pick their company as a target. Analogically, most of the larger businesses is protected very well, which makes the attack preparation and execution a much more tedious task with highly uncertain result. This forces the hackers to settle for smaller fish with higher probability of successful breach of sensitive data or financial gain.
A recent detailed study conducted by Sophos shows that the attackers have used more than 500 unique tools and techniques to steal data and finances from various businesses. The number of cyberattacks rises steadily, so it is high time to protect the company network before it is too late.
How can a business of any size protect itself? These two basic pillars can save the day even for the companies without an IT department:
Prevention – properly educated employees are less likely to be scammed, up-to-date software has patched know attack vectors, strong passwords are harder to breach, and 24/7 integrated antivirus and firewall in all company computers is able to filter out many threats. Despite all this effort, the more and more sophisticated attacks often pass through. That’s why it is crucial to have a no-maintenance protective solution on the network level, which does not require installation on the users’ devices and thus protects the increasingly targeted mobile and IoT devices. For example a DNS-based protection is able to identify malicious domains and prevent the employees from making the fatal mistake of falling for scam e-mails or SMS.
The first breach can cause a chain reaction
The primary danger lies in the theft of sensitive company and customer data, and information on company finance, accounts, and credentials. This data can be abused in plethora of ways, such as breaching intranet, databases, or attacking individual employees and their devices. The attackers often sell the data to other hackers on hacker forums, making the data theft just a first of a sequence of attacks.
For just a few dollars spent on the dark web, you can buy a long databases of credentials stolen either from the companies themselves, or from third party service and software providers (for example the databases of LinkedIn, Adobe, and Canva were breached in the past, leaking the users’ to the internet).
How can a business of any size protect itself? Either by continuous browsing of publicly accessible sources or by obtaining a service which monitors the places where the data are sold, alerting the user immediately when sensitive data connected to the user’s domain are found (often labeled as Identity protection).
The company is legally bound to notify its clients when the data is breached, thus losing its carefully built reputation and trust. It is probable that the clients will think twice before doing business with the breached company again, no matter what product or service it offers.
Paying the ransom does not necessarily mean getting the data back
According to another recent study, the second most frequent type of attack is ransomware. Cybernetic blackmailers access a company database, block it, and demand a payment – after which they theoretically allow the company to access the data again. Usually they encrypt all the files and promise to send the company a key afterwards.
That is unfortunately not always the way. In 2021, only 58% of companies who paid the ransom got their data back. 32 % of those only got the access after paying an additional ransom. Moreover the amounts required are not insignificant – in 2022, the worldwide average was €190,000.
The attackers abuse human errors – and nobody is perfect
Aforementioned phishing, Smishing, spearphishing and homograph or punycode attacks are the most prominent way for the attackers to access company databases. The attacks use e-mails, SMS, and chat messages which seem to be coming for example from the CEO of the company, service provider (a popular look-alike is Microsoft and fake alerts for MS Office log-ins) or well-imitated automated internal system messages.
These attacks based on “social engineering” manipulate the users and force them to fill in their log-in or payment credentials. This leads to data leak, which enables the hackers to steal more or less anything. In the case of an employee using company computer or mobile phone, this can lead to compromising the whole company network.
How can a business of any size protect itself? A common misconception is that firewall and antivirus are enough to protect a company – but these should be only a first layer of the so-called security architecture or a security perimeter. They are a base on which you can build effective defense. The solution is to employ a protection on network level which can deal with more sophisticated attacks, such as DNS tunneling (DNS spoofing), 0-day threats, and attacks on IoT devices.
Comprehensive network security
An ideal and modern solution is network-wide DNS security, which we call Whalebone Immunity. It does not require any special hardware and right after setting up the two-weeks-long free trial (it takes about 2–3 hours) it already protects your whole network without the need to install any software in your employees’ devices.
If you have network admins, it will give them detailed overview of the network’s DNS traffic up to the level of single device or user.
Immunity can protect even the remote employees working from home or elsewhere (such as in a café, where the protection is usually non-existent, or when on a business trip). Moreover, the aforementioned Identity protection feature is included, which will alert you not only of the new leaks, but even of the last 20 years of stolen sensitive data connected to your domain.
Watch a short video explaining how Immunity protects your network, set-up a short demo-call and get a 14-days-long trial version.
