SMBs: Easy targets

Share this article:
SMBs: Easy targets
SMBs: Easy targets

Small businesses have fallen victim to cyber attacks during the past year. With sophisticated criminals now leveraging social engineering and malware to compromise people inside the corporate environment, small to midsized businesses (SMBs) have become targets. Why? Because most do not spend money on the right security solutions.

The first step toward better protecting an organization is to learn how these attacks work. Most SMBs think that establishing firewalls and installing anti-virus software will fend off an outside attack. However, these entities often neglect to think beyond this type of endpoint security.

Every employee has the potential to become compromised. To exploit that vulnerability, cyber criminals size up the organization, usually by searching social networking sites for information about the team. 

After an attacker identifies a particular staffer, he can compromise that person using malware and then log into and explore the SMB's network. From there, a criminal can solidify his presence within the company to steal usernames and passwords, install back doors and create power users by altering employee permissions. Once that happens, it's easy to steal data and cover up the evidence, making it hard for SMBs to even recognize that an intrusion has occurred.

SMB attacks are on the rise because these businesses have been slow to protect themselves from cyber crime. To change that status, companies should reduce their risk by identifying sensitive data, building policies to protect it, and auditing access activity. Companies also must train users to identify phishing emails in order to curb risk. 

While user awareness is important, SMBs need additional safeguards. Such measures should include the ability to detect abnormal activity and malware-infected devices, as well as the means to contain compromised equipment and protect sensitive data. SMBs need to take these steps to defend themselves.

Share this article:

Sign up to our newsletters

More in Opinions

The cool factor: New tech in banking has an edge

The cool factor: New tech in banking has ...

Disruption is expected; financial crime should be, too.

Me and my job: James Hill senior security architect, Consolidated Data Services

Me and my job: James Hill senior security ...

James Hill senior security architect, Consolidated Data Services (CDS), discusses his role at his organization.

Ahead in the cloud

Ahead in the cloud

Growth businesses are always looking for flexible ways of working that reduce capital and running costs, while securely delivering the data users need, when and where they need it.