5 Hacks Every Business Operator Must Know About Cybersecurity

‍5 Hacks Every SMB Operator Must Know About Cybersecurity

‍

According to a report by Accenture, 43% of cyber attacks target SMBs. SMBs often have limited cybersecurity controls in place making them an easy target. 

‍

If you manage the security of any size of business, here are some key facts you need to know. 

‍

Attackers target SMBs for a multitude of reasons. Here’s just a few of the motives behind many attacks.

‍

Motivation 1: Financial motivation / Cash

Whether you have $10k or $10M in your bank account, you are a target for various forms of attacks that can give them access to your mone. Here’s just a couple of tactics used today.

‍

Tactic:  Fraud and payment switching 

• Gaining unauthorized access to credentials or accounts used to process payments and switching the account information to send payments to a fake and hard-to-trace account.
• Charging large purchases to corporate or customer credit cards via solen payment information.
  
  

Tactic: Ransomware

• Locking up your data and asking for a payment to restore access. Companies that don’t have backups are often forced to pay a ransom with no guarantees that data will actually be returned to them. According to reports, 55% of ransomware hit businesses with fewer than 100 employees, while another 75% of attacks targeted companies making less than $50 million in revenue.

‍

Motivation 2: Cloud computing power

Cloud resources and computing power can be expensive costs to manage. Some attackers run schemes and models solely focused on stealing computing power, leaving unsuspecting SMBs with hefty computing tabs to pay.

‍

Tactic: Stolen credentials to environments

• Compromising the account information of employees through social engineering or more sophisticated attacks and using those credentials to set up rouge cloud resources.

Tactic: Insider threat recruiting

• Attackers are known to recruit internal employees for fraud. In this approach, they collude with employees to steal information and commit fraud often offering a percentage of profit to the employee for their assistance in the fraud. This impacts companies large and small. For example, in the past, a Russian hacker group called "Fancy Bear" targeted the Democratic National Committee (DNC) during the US presidential election. The attackers were able to steal thousands of emails and other documents from the DNC's network, which were later released to the public.

‍

One of the tactics used by the hackers was to recruit an insider employee at the DNC to carry out the attack. The employee, who was working in the DNC's IT department, was targeted by the hackers through a spear-phishing email that appeared to be from Google. The email contained a link to a fake Google login page, which the employee used to enter their credentials.

‍

The attackers could then use the employee's credentials to access the DNC's network and carry out the attack. 

‍

Motivation 3: Valuable data

Believe it or not, SMBs can house a treasure trove of data that is attractive to attackers including the following: 

.

Personally identifiable information (customers or employees):

• Hackers often seek personal information regarding both customers and employees within an organization which can be used to impersonate users, steal identities, and commit fraud. This information can also be sold on the dark webr. If you invoice customers online, you likely store some of this sensitive datai and must protect it.  Examples include individual names, dates of birth, physical addresses, telephone numbers, email addresses, location data, biometrics, ages,and more.

Financial information 

• Information regarding finances, credit card, and bank account numbers, whether personal or business-related are most commonly of interest to attackers. 

Intellectual property

• Information can hold value even when it isn’t tied to an individual. Some attackers target insider business information for sale to competitors, social engineering attacks, business fraud, etc. Examples include business emails, trade secrets, non-public financial regards, source code, and others.

‍

Motivation 4: Hacktivism

Some attacks target SMBs for politically or socially motivated reasons. For example, if an SMB operates in an industry deemed socially unacceptable by some, it may be subject to hackers motivated to bring them down.

‍

For example, if a group of hacktivists disagrees with an e-commerce company’s products or environmental practices, they can launch a cyber attack to disrupt the business and raise awareness about the issue.

‍

The hacktivists might start by conducting reconnaissance to gather information about the business' website, such as its hosting provider, web server software, and vulnerabilities. They may use social engineering tactics, such as phishing emails, to trick an employee into revealing login credentials or other sensitive information.

‍

Once they have this information, the hacktivists could launch a distributed denial of service (DDoS) attack against the business' website. This involves flooding the website with traffic from multiple sources, making it difficult or impossible for legitimate users to access the site.

‍

Alternatively, the hacktivists could exploit a vulnerability in the website's software to gain unauthorized access to the site and deface it with a message about the business' environmental practices. They may also steal customer information or other sensitive data and leak it online to further damage the business' reputation.

‍

In either case, the hacktivists hope to disrupt the business' operations and draw attention to their cause. However, it's important to note that these actions are illegal and can have serious consequences for both the hacktivists and the business.

‍

Motivation 5: Using small fish to get to big fish

‍

Hackers target SMBs that work with big businesses. With the assumption that SMBs tend to be a weak link in the supply chain, attackers aim to compromise the connected SMB and then leverage that compromise to negatively impact the SMB. This is known as a supply chain attack. When a supply chain partner for a large business gets hacked, it could be motive the bigger business to find another, safe source, putting your business at risk of losing clients and revenue. 

‍

For example, in one of the most detrimental supply chain attacks, cyber attackers targeted an SMB software vendor called SolarWinds. The attackers compromised SolarWinds' software development process and injected a backdoor into one of the company's software updates. This backdoor was then distributed to SolarWinds' customers, which included many large enterprises and government agencies.

‍

The attackers were able to use this backdoor to access the networks of SolarWinds' customers and steal sensitive data. This cyber attack, which came to be known as the SolarWinds hack, is considered to be one of the most significant cyber attacks in history.

‍

This attack highlights the vulnerability of SMBs that work with larger enterprises. In this case, the attackers targeted SolarWinds, a small software vendor, in order to gain access to its larger customers. The attack succeeded because the attackers were able to compromise SolarWinds' software development process, which is something that many SMBs might not have the resources to fully secure.

‍

Learn more about Cyber Pop-up and how we are helping businesses like you stay safe and productive here.

For more updates, read more blogs posted on this Resource page, or contact our team at hello@cyberpopup.com.

‍