Cybercriminals set their sights on SMBs
Cyber attackers are turning their focus to small and medium businesses (SMBs) as larger corporations tighten their security, according to cybersecurity firm CTRL Group.
In the last year, cyber attacks on SMBs have tripled, with invoice fraud becoming more common in particular, said reformed hacker and CTRL Group Founder Bastien Treptel.
“One business recently lost over $50,000 as a result of a hacker taking control of the email of the person responsible for invoicing, who was on maternity leave. The hacker then used this access to re-issue unpaid invoices with different account payment details and a note explaining the change of account,” Treptel explained.
“By the time everyone realised what had happened, the new account had been wiped clean and shut down.
“The harsh reality is that small and medium businesses are not immune to major cybersecurity breaches. It is one of the largest business risks they face.”
While a 2017 report showed that 53% of Australian SMBs believed their business had the expertise and resources to handle cybercrime, 47% said they didn’t or didn’t know. The good news is that 87% of respondents said they wanted a tool to minimise their business’s exposure to cybercrime and 62% were willing to pay for a tool.
However, having the right tools and level protection is critical. A separate survey found 87% of SMBs believe their businesses are safe from cyber attacks because they use antivirus software. This is not enough, according to Treptel, who added that many SMBs that are “aware of their security position” may not be “adequately securing their data and information”.
“Small businesses are going to experience a wave of repercussions if they continue to ignore the basic security measures and don’t aim to limit the risks,” Treptel said.
“Hackers are no longer the typical hooded criminal in a basement with a binary code on the screen — we are now under threat by large-scale criminal organisations located all around the world.
“With large corporates increasingly realising the risks and associated financial exposure they face, following recent amendments to the Privacy Act legislation, SMBs are becoming a bigger target than ever.”
Microsoft patched four critical RCE vulnerabilities in the remote desktop services component of...
Mimecast dug through over 67 billion emails rejected as spam, opportunistic and targeted attacks...
Carbon Black's Cognitive Attack Loop model identifies three phases of cybercriminal behaviour...