Utrecht, May 19, 2022 – Business owners have many different responsibilities. On top of these responsibilities comes cybersecurity, which often seems complicated and sometimes unnecessary. However, this indifference to IT security is being exploited by cybercriminals. Kaspersky researchers evaluated the dynamics of the attacks on SMEs between January and April 2022 and the same period in 2021 to identify threats that pose a growing threat to entrepreneurs.
By 2021, small businesses were three times more likely to fall victim to fraud than larger businesses. The average loss from a single cyber attack has increased from $ 34,000 to just under $ 200,000. In addition to financial shocks, these companies have also faced legal fees, compliance fines, damage to reputation and loss of clients. These are setbacks that many small businesses cannot overcome.
To avoid such losses, business owners need to take better care of their company’s online security. A company’s cyber security starts first and foremost with its employees. According to public reports, the average employee has access to more than 11 million files. The information they have access to can range from financial information or customer data to the secrets behind the development of their business. Cybercriminals are aware of why most attacks on companies are carried out through their employees, who are often not trained in the cyber risks associated with their role.
Popular methods of attack among cybercriminals
One of the popular means of attack against small businesses is internet attacks. These are specifically web pages with exploit redirects, exploit sites and other malicious programs, botnet C&C centers, etc. The number of these attacks increased in the Netherlands in the first quarter of 2022. Compared to 189,266 infections in 2021, Kaspersky researchers detected nearly 203,256 in the first four months of 2022.
With the shift to telecommuting, many companies have introduced Remote Desktop Protocol (RDP), a technology that allows computers on the same corporate network to be connected and accessed remotely, even when employees are at home. It is no longer an uncommon technology, as having remote employees has become the new norm for many companies. But this puts the security of their devices and a company’s operating systems at risk, as the RDP is of particular interest to cybercriminals. If an attacker accesses the corporate network using RDP, he can commit fraud on all affiliated corporate computers. The total number of attacks on the RDP has decreased slightly, but not in all countries. For example, there were about 47.5 million attacks in the United States in the first quarter of 2021, while that number had risen to 51 million in the same period of 2022.
How SMEs can arm themselves
To prevent such attacks, business leaders need to improve their company’s cyber security, starting with one person in particular – the IT specialist. Advanced security services can provide built-in training to keep IT specialists informed of the latest cyber threats. Through training and education, business owners can transform them into sought-after cybersecurity specialists, capable of analyzing how threats can affect their specific organization and adapting technical and organizational cybersecurity measures accordingly. This will help companies avoid extra costs associated with hacks on their business systems.
Denis Parinov, security researcher at Kaspersky: “With the shift to teleworking and the introduction of many advanced technologies in the day-to-day operation of SMEs, security measures need to be developed to support these advanced setups. Cybercriminals are already far ahead of the curve. all organizations will face a hacking attempt at some point.For small businesses, it is no longer a question of whether a cyber security incident will occur, but when.To have trained staff and a well-trained IT specialist is no longer a luxury, but a must-have part of your business development. ”
Kaspersky was founded in 1977 and is active worldwide in cybersecurity and digital privacy. Kaspersky’s threat intelligence and security expertise is continually transformed into innovative security solutions and services to protect businesses, critical infrastructures, governments and consumers worldwide. The company’s comprehensive security portfolio includes industry-leading endpoint security and a range of specialized security solutions and services to combat advanced digital threats. More than 400 million users and 240,000 business users are protected by Kaspersky technologies. For more information, visit www.kaspersky.nl.
This article is a submitted message and is not the responsibility of the editors.