How cybercriminals are targeting small businesses

By Stephen Withers on Apr 19, 2016 5:12PM
A security expert explains how to combat the new types of attacks threatening small businesses.

Ransomware, spear-phishing, targeted attacks – new cyber threats are on the rise, although most use familiar tricks like persuading people to open malware-laden email attachments.

That makes it “more critical than ever” for small businesses to focus on the fundamentals of cyber security, Symantec's Pacific region information protection business manager Nick Savvides told BIT.

These fundamentals include:

  • Installing reputable, frequently-updated endpoint security software (what most of us still call anti-virus)
  • Using strong passwords, and taking advantage of two-factor authentication (such as codes sent to your mobile phone) where it is available
  • Implementing a strict back-up regime
  • Being cautious about opening emails and attachments.

"A big chunk of the targeted attacks" are aimed at small businesses, Savvides said. For example, Symantec’s latest Internet Security Threat Report found that 43 percent of spear-phishing attacks – fraudulent emails that appear to be from an individual or business you know – specifically targeted small businesses in 2015. That’s up from 34 percent in 2014.

Professional services firms targeted

Ransomware – malware that encrypts files, making them useless until a ransom is paid – is also on the rise.

“In fact, Australia is the number one target for ransomware targets in the Southern Hemisphere with the average number of ransomware attacks per day increasing 141 percent from the year before,” Savvides said. “The country was also ranked as one of the top ten targets globally for social media scams and targeted attacks.”

He said that professional services firms – accountants, lawyers, medical practices and so on – are "highly targeted right now" by the criminal elements behind ransomware, as they present lucrative targets. The high value of the data stored by such businesses means they are highly likely to pay the ransom if they can't recover it from backups.

The top method for spreading ransomware is via email, he said. Cyber criminals are now producing well-crafted and more targeted messages that get through the filters used by mail services.

"People expect the filters will take care of this, but they don't," said Savvides. "They only need to suspend the victim's suspicion for a few minutes."

The prevalence of ransomware makes good backup practices "super-critical", he said, recommending a “multi-tier” strategy that backs up to more than one device, such as an external hard drive, a NAS device and a cloud storage service. It’s also important to store multiple versions of each file; otherwise the ransomware-encrypted versions could overwrite the only remaining good copy.

Compromised servers

Savvides warned that not all small business service providers are well informed about security issues.

Some, for example, set up remote access to their clients' computers and servers to avoid the need to attend the premises every time a system needs attention. There's nothing inherently wrong with that, but it must be done correctly and securely as cyber criminals are looking for insecure systems to exploit.

This point was underscored by a recent warning from the Federal Government's Stay Smart Online that small businesses are being attacked via servers configured to allow remote access via the Windows Remote Desktop Protocol (RDP).

Once they discover an exposed server, "Criminals use 'brute force' attacks targeting weak passwords to guess the server logon password," according to Stay Smart Online. "Brute force is where an automated tool is used to work through all possible passwords until it finds the correct one. Once logged on, criminals can manually encrypt business files, including databases in some examples. They then leave a ransom notice on the server or send the business owner an email demanding they pay a ransom for the 'key', or code, to unlock the files. Ransom amounts have been known to reach up to AUD$8,000."

Servers allowing Virtual Network Computing (VNC) access are similarly vulnerable to such attacks. Remote access via a virtual private network (VPN) with strong passwords and two-factor authentication is more secure.
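The brute-force pattern described above leaves a recognisable trail in the Windows Security log, which is where a small business or its IT provider would look for it. The following is an added example, not from the article or from Stay Smart Online: it reads constructed events in a simple CSV export form (timestamp, event ID, logon type, source IP, account) and flags any source address whose failed RDP logons reach a threshold within a sliding time window, noting whether a successful logon from the same address followed the burst. The event IDs (4625 failed logon, 4624 successful logon) and logon type 10 (RemoteInteractive, i.e. RDP) are standard Windows values; the CSV layout, the threshold, the window and the sample addresses are assumptions made for the example.

```python
"""Flag RDP brute-force bursts in exported Windows Security log events.

Added illustration, not code from the article or from Stay Smart Online.
Assumed input format (one event per line): timestamp,event_id,logon_type,source_ip,account
"""
from collections import Counter, defaultdict, deque
from datetime import datetime, timedelta

FAILED_LOGON = 4625     # Windows Security: an account failed to log on
SUCCESS_LOGON = 4624    # Windows Security: an account was successfully logged on
RDP_LOGON_TYPE = 10     # RemoteInteractive, i.e. Remote Desktop

# Constructed sample export: a burst of guesses from one address that ends
# in a successful logon, one ordinary user mistyping once, and a local
# (non-RDP) logon that should be ignored. Addresses are documentation ranges.
SAMPLE_LOG = """\
2016-04-18T02:10:01,4625,10,203.0.113.7,administrator
2016-04-18T02:10:03,4625,10,203.0.113.7,administrator
2016-04-18T02:10:04,4625,10,203.0.113.7,admin
2016-04-18T02:10:06,4625,10,203.0.113.7,admin
2016-04-18T02:10:09,4625,10,203.0.113.7,backup
2016-04-18T02:10:11,4625,10,203.0.113.7,backup
2016-04-18T02:10:15,4624,10,203.0.113.7,backup
2016-04-18T08:30:00,4625,10,198.51.100.22,jsmith
2016-04-18T08:30:40,4624,10,198.51.100.22,jsmith
2016-04-18T09:00:00,4624,2,-,jsmith
"""


def parse_events(text):
    """Parse the assumed CSV export into dicts, sorted by time."""
    events = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        ts, event_id, logon_type, ip, account = line.split(",")
        events.append({
            "time": datetime.fromisoformat(ts),
            "event_id": int(event_id),
            "logon_type": int(logon_type),
            "ip": ip,
            "account": account,
        })
    events.sort(key=lambda e: e["time"])
    return events


def detect_rdp_bruteforce(text, threshold=5, window=timedelta(minutes=5)):
    """Return one finding per source IP whose failed RDP logons reach
    `threshold` inside any sliding `window`. A finding also records a
    later successful RDP logon from the same address, which is the
    "guessed the password, then logged on" sequence to act on first."""
    recent = defaultdict(deque)   # ip -> failure timestamps still inside the window
    total_failures = Counter()    # ip -> all RDP failures seen
    findings = {}                 # ip -> finding dict

    for e in parse_events(text):
        if e["logon_type"] != RDP_LOGON_TYPE:
            continue              # only Remote Desktop logons matter here
        ip = e["ip"]
        q = recent[ip]
        while q and e["time"] - q[0] > window:
            q.popleft()           # forget failures that fell out of the window

        if e["event_id"] == FAILED_LOGON:
            q.append(e["time"])
            total_failures[ip] += 1
            if len(q) >= threshold:
                f = findings.setdefault(ip, {
                    "ip": ip, "first": q[0], "last": e["time"],
                    "failures": 0, "success_after": None,
                })
                f["failures"] = total_failures[ip]
                f["last"] = e["time"]
        elif e["event_id"] == SUCCESS_LOGON and ip in findings:
            # A success after a flagged burst: treat as a suspected compromise.
            findings[ip]["success_after"] = (e["account"], e["time"])

    return list(findings.values())


if __name__ == "__main__":
    for f in detect_rdp_bruteforce(SAMPLE_LOG):
        status = "SUSPECTED COMPROMISE" if f["success_after"] else "brute-force attempts"
        print(f"{f['ip']}: {f['failures']} failed RDP logons "
              f"{f['first']} .. {f['last']} -> {status} {f['success_after'] or ''}")
```

Run against a real export, the same logic works on any tool that can emit the five columns (for example a scheduled script that reads the Security log and writes CSV). The threshold and window are deliberately low so the sample trips them; on a busy server they would be tuned against normal failure rates, and the `success_after` flag is the line that should page someone, since that is the moment the article's scenario turns from guessing into file encryption.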

Targeting customer data

Another issue is that service providers don't always correctly value their clients' data, Savvides said. Attacks on small businesses aren't generally after the organisation's own data, but rather the information they hold about their customers or clients. That's especially true about information that can be used in identity theft, so accounting firms are "a juicy target for the bad guys".

Also, medical records – which often contain name, address, date of birth, Medicare number and more – sell for around $40 each on the black market. That's a lot more than the 25c paid for stolen Netflix account credentials.

Savvides suggested that small businesses should ask their service providers whether they read Symantec's Internet Security Threat Reports and similar publications from other security companies.

Although small businesses don't have access to the training courses used by bigger enterprises, there are plenty of online resources from law enforcement and security vendors that can help.

So warn your staff that your business is likely to be attacked and that they are the last line of defence, and give them an hour or two to work through some of those training materials.

Copyright © BIT (Business IT). All rights reserved.