January 10, 2024 | Posted in News
Small businesses are among the highest risk for cybersecurity attacks, according to Acting National Cyber Director Kemba Walden. Cyberattacks on small and medium-sized businesses (SMBs) are escalating by more than 150%, reaching 31,000 attacks per day, according to a recent report. Last year, 82% of all ransomware attacks targeted SMB organizations. SMBs also experience 350% more social engineering attacks than larger organizations.
SMBs are low-hanging fruit for cybercriminals because they have limited IT resources, staff and cybersecurity defenses.
U.S. government agencies recognize this threat and are introducing several new initiatives to help SMBs combat it.
The U.S. recently introduced a “Small Business Cybersecurity Community of Interest” (COI), which encourages SMBs to follow the National Institute of Standards and Technology’s (NIST) cybersecurity research, standards, guidelines and practices.
The Cybersecurity and Infrastructure Security Agency (CISA) recently updated its cybersecurity performance goals (CPGs) to lower the cost and recommend goals SMBs can implement to improve their cybersecurity.
Senators Catherine Cortez Masto (D-NV) and James Risch (R-ID) introduced a bill to create a program at the Small Business Association and allow companies to “pool together” to purchase cybersecurity products at a lower cost.
While these initiatives ramp up, SMBs have to realize it only takes one mistake to cause irreparable damage. One person opening a phishing email and clicking on the link or attachment could lead to a ransomware demand or paying for a fake invoice, effectively shutting down the business. The email could access a larger partner organization’s supply chain or customer data, effectively damaging the brand.
SMBs hoping traditional email will prevent phishing emails from reaching inboxes or who still believe they are “too small to target” are playing with fire, because cybercriminals are finding more ways to get phishing emails into inboxes.
They are using ChatGPT to write more polished phishing emails, executing more sophisticated schemes using domain spoofing, and redirecting users to malicious websites using YouTube, Google Translate or AWS services.
According to Gartner’s most recent email security market guide, “Impersonation and account takeover attacks via business email compromise (BEC) are increasing and causing direct financial loss, as users place too much trust in the identities associated with email, which is inherently vulnerable to deception and social engineering.”
Enabling DMARC, DKIM and SPF for domain authentication helps block email phishing from impersonation domains.
Adopting a firm password policy with multi-factor authentication. Using passwords with multi-factor authentication leverages one-time passwords, biometrics and even challenge and reply tokens. If deployed correctly, this could help businesses protect their data while standardizing a universal authentication strategy across the company.
Investing in end-user education and security awareness training helps front-line workers spot potential phishing emails.
Remember, most phishing emails fall into one of five categories:
Failed Delivery Attempt
The “sender” implies the victim’s package couldn’t be delivered to the provided address and the user can trace it by clicking the link.
Join a Group
This type of template email uses a popular brand name and implies that a victim has been invited to join a group call from a trusted source.
Email Password Reset
Password reset emails, including those seemingly from Outlook 365, indicate the victim’s account has been disconnected and can only be restarted when the user resets their password.
Confirm Direct Deposit
The fake email appears to come from a bank or vendor and asks the victim to confirm direct deposit information by clicking a link and providing personal information.
Account Deletion
This email says your account (any common account, including PayPal, Apple, Microsoft, Google and so forth) is set for deletion in a few days, and you can avoid this disaster only by taking the prescribed action right now.
SMBs are increasingly vulnerable to security threats. By proactively addressing them, SMBs can protect critical confidential information and their reputation and keep their brand safe.