We live in a technocentric society, and as such, it is common to see more and more aspects of our lives have their digitalized, online version, which not only happens with people (through social media) but it has also happened with businesses. Such technological dependency can result in increased efficiency, having more effective strategies, and even improving communication and connectivity among employees and departments.
It is not uncommon that SMBs rely on cloud storage and internal networks to work on their different projects, or even share information with their clients if they are unable to meet in person. However, regardless of all the advantages that come with these practices, there are several disadvantages still, and SMBs should particularly worry about cybersecurity, as reports indicate that up to 60% of small businesses have been victims of cyber-attacks through different types of threats, such as phishing emails, malware damage, and DDoS attacks
One of the most common types of cyber-attacks that target SMBs is phishing, which consists on deceiving employees of a particular company in order to provide sensitive information that can be used to infiltrate the company’s network and damage it, blackmail personnel, or gain access to financial data and take funds from there.
Even when phishing can be done by phone calls and text messages, email is the go-to medium for scammers to mislead individuals, making them download infected files, or following malicious links that will lead to a network breach, gaining access to restricted data. This is why it is important to make sure our employees are well informed and trained in order to detect fake emails and any other cyber threat.
Just like with phishing, malware is most commonly spread by malicious emails. Actually, reports state that more than 90% of malware is delivered via email, when employees are deceived into downloading an infected document or following a fake link, resulting in malware being installed into the company’s equipment.
Malware is a generic term for different types of malicious software with the intent of damaging or obtaining computer’s information. The most common types of malware that targets SMBs are ransomware, which keeps data and operating system as a hostage and demands the owner for a ransom in order to regain access, and spyware, which monitors the activity of the infected device, being able to obtain access to sensitive information and use it with criminal purposes.
Another type of attack that is becoming more and more common is Distributed Denial of Service, on which hackers overload the website of their target with fake web traffic until the site crashes, resulting in a temporary (and in many cases, permanent) disruption of business operations. DDoS usually cause financial hardship to the victims, and reports state that 33% of SMBs suffered from this type of attack in 2017.
Even when Web Application Firewalls can protect our network from a DDoS, most companies are vulnerable, and taking further action is needed. Most of the times, companies only contact a specialized partner when they are under attack but making sure we maintain a constant culture of cybersecurity is the best way to stay protected, shielding our businesses, and securing our future in the market.