Lots of things have changed in the past year, but one thing hasn’t changed: businesses of all sizes are vulnerable to cyberattacks. In the first half of 2020, a massive shift took place and users started working very differently. Many more are working remotely in distributed ways. At the same time, many companies started moving away from traditional desktop office software toward cloud apps and cloud data storage.
With the rapid shift to remote work, many businesses are not set up to do things securely – for instance, they may be using free or unmonitored services to share files. Or, when you’re working from home, you might also be doing things on your work computer that you maybe didn’t do before, like listening to podcasts or music, checking your personal email, and so on. Maybe a message pops up asking you to re-confirm your login and password for O365, so you enter it without thinking… and now a phishing site has your company O365 credentials.
New trends in cyberattacks
The past year also saw a shift in the patterns of cyberattacks, with more phishing attacks taking place than in prior years. It’s likely that this trend will continue into 2021. As outlined in our recent cybersecurity report, the Cisco Umbrella research team observed four major trends in cyberthreats in the second half of 2020.
Trojans and droppers are getting a second life. Instead of a simple one-step malware infection, users are getting an initial infection and then a follow-up compromise later.
More multi-stage attacks are occurring. Users are not just getting infected in one step. Attacks are often multi-staged and are spread out over many hours or days. As an example, a user might click on a link in an email that takes them to a website, which then drops malware on their machine that doesn’t act right away.
Cryptomining continues to pose a significant threat. More criminals are harvesting user resources to mine cryptocurrency, whether the operation is running in the background of websites you visit or running on your own computer.
Pandemic themed campaigns continue to escalate. Attackers are taking advantage of fear and uncertainty around the global pandemic to launch themed attacks to capture attention and take advantage of victims.
How do we know this? With the data from the Cisco Umbrella global cloud architecture, we can see if a specific threat is trending in a specific geography, industry, or organization size. We can determine what is trending, as well as what is trending with specific verticals.
Small businesses are not immune to these trends. Research indicates that 62% of small businesses have been hit by cyberattacks. It’s also very likely that small businesses have not prioritized cybersecurity in their strategic planning. Either they don’t have the funds, or don’t think they are vulnerable to attacks. But cybercriminals often start with small businesses first and then move up the chain.
You’re also more vulnerable if you’ve gone remote very recently, since attackers are aware of the chaos that can result from a quick pivot in business operations. That’s why we’ve seen an uptick in phishing attacks: it’s easier to compromise someone when they are outside of their comfort zone.
The consequences for cyberattacks can be severe – for a large company, a data breach might result in an unwelcome news story and perhaps legal action, but it could quickly result in the end of your small business. Whether it involves passwords getting stolen, financials getting compromised, reduced brand reputation, or downtime, your small business likely can’t afford a major cybersecurity incident.
Cybersecurity challenges affecting small businesses
Small businesses face key problems when tackling cybersecurity challenges.
Poor attribution: Many businesses don’t know where or how an attack starts, and it’s even worse for a small organization without a dedicated team. Did it come from an email, a password compromise, or a visit to a malicious website? To make sense of an attack, you first need to know who was hit, where, when, and how.
Gaps in visibility and coverage: With users working remotely, roaming while traveling, it’s difficult to see the complete picture of your security situation. Just because a business is smaller doesn’t necessarily mean attacks are less frequent or assets are simpler to protect.
Limited security resources: Small businesses are facing unprecedented financial strain. With even more resource limitations than usual, cybersecurity might be close to last on the list of priorities.
Too many vendors: It’s hard to stay on top of security alerts from multiple vendors. What do you do when there is an incident? How can you avoid chaos?
Your business is unique, and you need a unique security approach to match. Instead of trying to use a one-size-fits-all approach designed for a larger enterprise, you can develop a custom take what you need and leave the rest. Small businesses with limited time and resources should focus on end-to-end security that delivers the most bang for the buck and accomplishes five key tasks:
- Protect customer business and financial data
- Protect users on and off the network
- Secure the network, cloud, and every endpoint
- Keep employees connected, protected, and productive
- Grows along with your business
Last week, we heard from leading data scientist Austin McBride and small business cloud security expert Randy Silver. They discussed how small business customers are standing up to cyberthreats with the help of Cisco.