Cyber Security

Cyber Security Threats Are Shifting toward Businesses

Cyber Security Threats Are Shifting toward Businesses

Internet attacks can hit anyone, but the current trend is toward targeting corporate sites. That’s the news from Kaspersky Lab. Attacks on individual users were down 21%, but ones aimed at corporate systems increased by 28.4%. This includes small enterprises as well as megacorporations. Cyber security is increasingly important for all businesses.

Attacks follow the money

Criminals see more value to be gained by breaching business systems, and they’re focusing their efforts more. Alexander Liskin at Kaspersky thinks that software vendors’ increased efforts to fix security flaws may be a factor driving the shift. A successful attack takes more effort, so attackers are concentrating their efforts where they hope for a good return. Computers in homes usually don’t have large quantities of Social Security or credit card numbers.

The most targeted vulnerability in 2016 was one that the Stuxnet worm exploits. It affects only older versions of Windows or ones that haven’t been patched, but a lot of them are still in use. On those systems, viewing a specially crafted LNK (shortcut) file in Internet Explorer is enough to get infected. The user doesn’t have to download or run anything.

These trends should remind business owners, large and small, that they need to maintain strong security measures and keep their system software up to date. Large corporations may be the favorite targets, but people looking to break into computer systems know that small ones often have weak security and are easy pickings.

The threat of ransomware

Another reason for targeting businesses is the opportunities which ransomware opens up. New varieties are constantly appearing, and targeted attacks are growing more common. A successful attack encrypts files on the victim’s computer, and a payment is required to recover them. Businesses can’t afford to lose important data, so they often give in and pay. They don’t always get their files back.

Small businesses are popular targets because their security and backup budgets are limited. Attackers don’t collect the large sums they get from hospitals and other large organizations, but they see each small business as an easy victim, and they add up.

A successful attack on one computer can endanger the whole network. Many varieties try to encrypt attached servers or copy themselves to other computers. When an infected computer is discovered, it should immediately be isolated from the network, and the other machines should be checked for any problems.

Network defense is complicated

Another reason for the increased targeting of businesses is that network complexity opens up opportunities. Small business networks are no longer simple structures with a server and a few desktop computers. Mobile phones, remote connections, and Wi-Fi access points can open up weak points in the network. Once malware gets onto any device, it has inside access to the local network.

Spam with malicious links or attachments is more clever than it used to be. It’s often crafted for the organization it’s aimed at, or even for an individual. Opening an attachment can put a backdoor on the computer, letting the attacker pull information out until it’s found and removed — if it ever is.

A secure business network has defense in depth. It uses firewalls, mail filters, and software updates to keep attacks out. It runs anti-malware software to kill any that get onto the computer. It’s monitored for any sign that a breach has happened. It maintains an up-to-date backup to help in recovery from any damage.

Keeping up with all these needs is beyond the scope of most small businesses. We can help to keep your business network secure with expert management services. Loss of data and productivity to computer breaches can ruin a company, but a well-managed network will remain safe from most attacks. Contact us to learn how we can make your network more secure.