In 2022 alone, a total of 61 percent of all cyber attacks were aimed at small and medium-sized enterprises - SMEs. Ransomware was particularly successful. Therefore, the protection must be improved and also fit into the budget.
Ransomware – a threat we are all increasingly aware of and would prefer to stay away from. It affects every sector and the attacks are becoming more frequent and more sophisticated. Yet few small and medium-sized enterprises (SMEs) are aware that they are just as, if not more, at risk than larger companies. In fact, in 2022 alone, 61 percent of all cyberattacks were aimed at small businesses.
61 percent of SMEs affected
Part of the incentive is that SMEs retain a wealth of confidential information; from medical records to bank accounts that cybercriminals can either sell on the dark web or extort for ransom. Additionally, those affected may be subject to additional fines if confidentiality laws are violated.
Add in the loss of customer trust that many SMBs depend on to compete with larger companies and it becomes clear just how devastating an attack can be. As SMBs continue to adopt a variety of new technologies on their journey to digital transformation, this threat is only going to increase. From moving to the cloud to leveraging SaaS platforms that facilitate remote access for hybrid work, more devices are exposed to the internet today than ever before. So how can SMBs increase their cyber resilience to prevent a ransomware attack?
The criminal business with extortionate returns
Cyber criminals are increasing the frequency and sophistication of ransomware attacks. Ransomware is preferred because it can be deployed quickly and promises lucrative profits. Criminals gain access to valuable company data and encrypt it so that it can no longer be accessed. The only way to get your own data back is to buy the unlock code from the perpetrators for a lot of money. Sometimes even a lot of money, mostly in the form of untraceable cryptocurrency.
No guarantee after ransom payment
In 2021, it was reported that ransomware cyberattacks worldwide resulted in companies handing over a total of 49 million euros. It must not be forgotten that we are dealing with criminals here. So there is no guarantee that data will be released after a ransom has been paid, on the contrary - the perpetrators could ask for even more, the worse the victims' distress becomes. Some cyber criminals may even try to up the ante by launching a double or even triple extortion attack. Part of the tactic is to only share some of the stolen data (sometimes even customer data) in order to increase pressure or demand money from the data subjects.
How can SMEs protect themselves?
It all starts with improving resilience. First of all, all organizations should be aware of security patches and roll them out to all employees and devices as they become available. Any delay could present a golden opportunity for cyber criminals. It is important that internal processes are improved so that these updates can be carried out quickly and efficiently.
Second, it must be ensured that the backups are not connected to the main server in any way. Organizations often feel false security because they have a backup somewhere, but in many cases it's stored on the same server as all other data, which means all data is accessible in the event of an attack. Instead, organizations should have a fully isolated, off-site network backup so that when recovering from a ransomware attack, employees can access critical files that allow them to continue day-to-day operations.
Too many solutions eat up the budget
As budget is often an obstacle for SMBs, it should be a priority to reduce the number of existing solutions and consolidate onto a single platform or vendor before implementing new technologies. The reason for this is that companies often rely on a number of third parties to protect different areas of their business. This unnecessarily introduces double safeguards. Reducing the number of vendors involved lowers the total cost of ownership (TCO), reduces the attack surface, and provides a unified view of the entire network, making it easier to spot unusual activity.
Time of (necessary) change
Ransomware is a growing problem and there are no signs of slowing down. Therefore, SMBs must prepare now before an attack occurs. As you plan for this new era of change, it's important that you don't view your cybersecurity strategy as a one-off. It must be flexible so that it can adapt to changing threats. Hackers' methods are constantly evolving, so companies must be prepared to change their modus operandi at the same pace. It is important that this becomes a priority for every SME as any delay can have devastating consequences.
More at CheckPoint.com
About check point Check Point Software Technologies GmbH (www.checkpoint.com/de) is a leading provider of cybersecurity solutions for public administrations and companies worldwide. The solutions protect customers from cyberattacks with an industry leading detection rate for malware, ransomware and other types of attacks. Check Point offers a multi-level security architecture that protects company information in cloud environments, networks and on mobile devices, as well as the most comprehensive and intuitive “one point of control” security management system. Check Point protects over 100.000 businesses of all sizes.