SMBs: Easy targets

Share this article:
SMBs: Easy targets
SMBs: Easy targets

Small businesses have fallen victim to cyber attacks during the past year. With sophisticated criminals now leveraging social engineering and malware to compromise people inside the corporate environment, small to midsized businesses (SMBs) have become targets. Why? Because most do not spend money on the right security solutions.

The first step toward better protecting an organization is to learn how these attacks work. Most SMBs think that establishing firewalls and installing anti-virus software will fend off an outside attack. However, these entities often neglect to think beyond this type of endpoint security.

Every employee has the potential to become compromised. To exploit that vulnerability, cyber criminals size up the organization, usually by searching social networking sites for information about the team. 

After an attacker identifies a particular staffer, he can compromise that person using malware and then log into and explore the SMB's network. From there, a criminal can solidify his presence within the company to steal usernames and passwords, install back doors and create power users by altering employee permissions. Once that happens, it's easy to steal data and cover up the evidence, making it hard for SMBs to even recognize that an intrusion has occurred.

SMB attacks are on the rise because these businesses have been slow to protect themselves from cyber crime. To change that status, companies should reduce their risk by identifying sensitive data, building policies to protect it, and auditing access activity. Companies also must train users to identify phishing emails in order to curb risk. 

While user awareness is important, SMBs need additional safeguards. Such measures should include the ability to detect abnormal activity and malware-infected devices, as well as the means to contain compromised equipment and protect sensitive data. SMBs need to take these steps to defend themselves.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in Opinions

Beware of the malware walking dead

Beware of the malware walking dead

This Hallows Eve might be a good time to remind ourselves that zombies can be just as deadly, and I'm referring to recycled tools and techniques from years gone by.

Why the Home Depot attack shouldn't have happened

Why the Home Depot attack shouldn't have happened

Major retailers are falling prey to massive credit card information heists, despite spending millions on cyber security systems.

Next-generation malware: Think like the enemy and avoid the car alarm problem

Next-generation malware: Think like the enemy and avoid ...

When it comes to enterprise security, one rule remains constant - attacks will continue to increase in sophistication and attackers will seek to outmaneuver existing defenses.