Our list of the Top 6 Cybersecurity Threats for small businesses in 2020 that you should be concerned and diligent about.
1. Ransomware Attacks
“In 2020, we will see, at minimum, a 300% increase in RYUK-related ransomware attacks, and most of those attacks will be focused on U.S. small businesses. Ransoms on small businesses will jump to $150,000 to $300,000 per event on the low end, causing a spike in U.S. small business bankruptcies and closures. About 2 out of every 10 small businesses attacked will have no choice but to halt operations for financial reasons. Another reason we’ll see a spike in attacks on small U.S. businesses is the sheer volume of these businesses running outdated windows servers with known vulnerabilities”—Zohar Pinhasi, CEO, MonsterCloud Cyber Security
2. Mobile Security
In the past year, we’ve observed a growing variety and variability of the types of mobile attacks criminals use to target smartphone owners. The powerful, pocket-sized computers many of us carry around contain a wealth of personal and sensitive information that reveals much about our daily lives. But attackers need not steal that information to reap the financial rewards of an attack. Increasingly, we also rely on these devices to secure our most sensitive accounts, using two-factor authentication tied to either our SMS text messages or to “authenticator” apps on the mobile phones themselves. A number of “SIMjacking” attacks in the past year have revealed attackers targeting the weak link between customers and their mobile phone providers using social engineering, which led to several high-profile thefts of both cryptocurrency and regular cash from wealthy individuals.
3. Internet Background Radiation
In the 30 years that have elapsed since the internet became commercialized, the amount of noise that washes up on the shores of our networks has steadily increased in both volume and ferocity. Benign port scans and network probes increasingly are accompanied by hostile attack traffic generated by worms and malicious automation. Collectively, this “internet background radiation,” analogous to the cosmic background radiation that has pervaded the universe since the Big Bang, accounts for an increasing volume of breaches and compromises affecting a wide range of internet-facing services and devices
4. Cloud Security
Often people believe that just because something is hosted in “the cloud” that everything is safe. The greatest risk to cloud security is the cloud itself. Misconfiguration is the leading cause of incidents, and lack of visibility is problematic. Businesses must constantly review configurations and monitor for changes both authorized and unauthorized to reduce their risk.
5. Automation and Attacks
Automation is being used to enhance attacks more and more and hackers are now going after backups as part of their attacks. Attackers are using a combination of automated tools and humans to more effectively evade security controls than ever before. In 2019 the MTR Operations Team has observed attackers automating the earlier stages of their attacks to gain access and control of the targeted environment and then shift to utilizing patient, methodical means to identify and complete their objective.
6. Machine Learning
Machine learning is a growing part of both cybersecurity defense and offense. The good guys use ML to help look through endless amounts of data in order to spot anomalies and changes in behavior to identify threats. The bad guys use ML to make their attacks more sophisticated and self-learning in hopes of being more successful in their attacks.
What can you do?
Here is a list of the most common things we suggest to Small Businesses to move them in the right direction when it comes to cybersecurity.
- Enable 2FA on everything! Don’t let your users talk you into softening up login security. Features such as 2FA, where you need to copy a one-time code off your phone every time you login, add a tiny inconvenience for users compared to the extra difficulty they add for attackers.
- Keep connected devices up to date. While most people are tired of hearing us say, is your computer up to date, it is one of the easiest ways to reduce your attack surface. Often systems that go unpatched are how a cybercriminal can gain access to your computer systems. Once in they set up shop, wait, and then when the opportunity is right they pounce and create havoc.
- Don’t run unexpected attachments. The crooks probably won’t send you the ransomware directly, but they will try to trick you into running remote access malware that lets them get back in later so they can attack from right inside your network.
- Don’t open up remote access to your network unless you really mean to. Lots of ransomware attacks start because remote access systems such as RDP (remote desktop protocol) were open unexpectedly, and therefore hadn’t been secured properly.
- Don’t ignore warning signs in day to day activities. Modern ransomware attackers usually spend hours, or even days, scoping out your network so they can scramble as many computers as possible to demand a bigger payout. If you spot them first, you may be able to head them off entirely.
- Don’t rely entirely on real-time, online backups. Most contemporary attackers search out and delete any online backups they can find, making it harder to recover without paying. Backups locked away in an old-school safe can’t be reached across your network!
- Security Awareness Training for all employees, including the management team. Security Awareness Training often incorporates sending phishing emails to test and track who your clickers are. The clickers are then provided feedback into their actions and often accompanying training on what to look for and how to act with these phishing emails.
- Have an Incident Response and Disaster Recovery Plan for when things go bad. When a breach occurs knowing how to respond and how to recover often can mitigate further loss and repeat infections. Your Disaster Recovery Plan must include proper backups and testing of those backups on a regular basis.
- Work with an IT Service Provider who has the security tools, process, and staff to manage your cyber threat protection along with being there for you when something does go bad.
- If you have questions or concerns, call us! We are here to help answer questions and address any concerns you may have with your cybersecurity!