Is Your Small Business Under Cyber Attack?
Small businesses are falling victim to cyberattacks at an alarming rate, and they must learn to better identify and respond to the threats, in spite of the real and perceived limitations to time, money and resources. Today, both the businesses’ short-term financial health and its long-term sustainability depend on a strong cybersecurity posture, as phishing, malware, ransomware, cloud and other threats prove extremely challenging for small businesses to overcome.
With a relatively low level of awareness and limited security resources, small businesses are now seen as easy pickings by cybercriminals. And thanks to automation, attackers can now disperse a single attack that targets thousands to tens of thousands of small businesses at a time, with just the click of a button. It’s that easy – and it only takes one employee to take the wrong action to set an attack in motion.
According to a Ponemon study, nearly 70 percent of small businesses experienced a cyberattack in 2017, yet nearly half of respondents said they have no understanding of how to protect their companies against cyberattacks. This level of risk is directly correlated to a small businesses’ adoption and usage of vulnerable cloud apps (e.g. Dropbox, Office 365, G-Suite, etc.), and its use of contractors and remote workers for business continuity, among other factors.
What are the primary cyber threats to small businesses?
Today, many small businesses rely on the built-in security of cloud apps, if they rely on any security at all. However, such security offers little to protect against credentials from being stolen or against an employee from compromising assets either maliciously or out of human error. In the Ponemon study, 40 percent of respondents that said they experienced an attack said it involved a compromised password.
For small businesses, these are several major threats to lookout for. These include:
- Malware: A wide variety of malicious software that invades, damages or disables computers or systems, often to steal, encrypt or hijack computer functions.
- Ransomware: A malicious software that prevents access to a computer and holds its files captive until a ransom is paid.
- Phishing: A common strategy where hackers use phony messages, email accounts and links to solicit information and gain access to accounts.
- Wi-Fi Phishing: A strategy whereby hackers entice employees to download malicious code into a captive portal by disguising it as a software update.
- Commjacking: This is when hackers hijack the communication channel between any device and the Wi-Fi or cellular network, then intercept, steal or manipulate data & communications.
Spotting the warning signs of a cyberattack
Did you know that half of small business owners victimized by a cyberattack don’t even know about it, according to a Nationwide survey? While some malware and ransomware may not be identified until files are locked or corrupted, there can be some red flags for small business stakeholders to lookout for. Signs of a malware infection could include:
- Slow computer performance
- Programs opening or closing automatically
- A lack of storage space
- Frozen windows
- Blue screens
In phishing campaigns, attackers masquerade as trusted parties and try to lure small business employees or owners to open documents, fill out forms or make payments. According to the Cyber Security Awareness Alliance, common signs of a phishing attempt could include:
- Abnormal request for confidential information
- Mismatched or misleading information
- Use of urgent or threatening language
- Promises of attraction rewards
- Suspicious attachments
Many of today’s spearphishing attempts are so micro-targeted and cleverly-created that even trained IT professionals can have a hard time distinguishing them. Oftentimes, a hacker may use a superior’s email account and ask a subordinate to pay an invoice, submit a document or follow a link and open an account.
Small businesses can find several online resources, such as this quiz by Jigsaw and Google, to help their employees learn how to better identify phishing attempts.
Taking action against known or suspected cyberattacks
Whether it’s suspicious activity or an attack that has already happened, responding quickly is key to reducing the damage and regaining continuity. Follow these steps to prevent an attack from growing worse
- Isolate the Problem – Isolating the problem can reduce the attack’s ability to spread throughout the network and infect other systems. If you suspect a computer is infected with malware, immediately disconnect it from the network. If you suspect an employee’s credentials have been stolen, immediately suspend access and force a password change.
- Communicate the Problem – Next, let everyone in the organization know of the suspected attack. If one employee was hit with a phishing scam, it’s likely others were targeted, too. Spreading the word quickly can reduce the ability of the attack to spread. Also, consider reporting it to authorities. While they probably can’t do anything to help recoup your losses, they can learn more about the threat and notify the cybercommunity to reduce the risk that may cause others to fall victim.
- Investigate and Learn – Conduct a thorough investigation to determine how the attack happened and make sure you put policies and protections in place so that the vulnerability won’t be exploited again in the future. Post-attack actions may include: installing new systems, implementing new policies or even additional training for employees.
- Restore – Finally, when you’re sure the problem has been purged, perform a safe restore from backups of the computers and files that were impacted. This should underline why it’s critical to ensure you’re running verified backups on a daily basis. Losing a few hours or a day’s worth of work and changes is better than losing weeks or months of it.
Coronet protects small businesses from cyberattack
Coronet’s data breach protection platform monitors a small businesses’ cloud applications for data leaks, cyber-threats and regulatory violations that put your business at risk. We designed our platform from the ground up in order to have all needed security available in a single, autonomous, cloud-based system, removing the need for heavy implementation and integration, and manual monitoring and intervention. It’s security – done!