Keiron Holyome, Vice President, UKI, Middle East & Africa, BlackBerry
What is the most dangerous trait of a cyberattack?
Some use complex social manipulation to spear phish individuals. Others deploy weaponised artificial intelligence (AI) and sophisticated malware programmes to gain access and create chaos. In my experience, however, the most dangerous aspect of many attacks is their relentlessness.
Nearly 40% of businesses were hit by a cyberattack in the last 12 months, according to the UK Government’s recent Cyber Security Breaches Survey. But these aren’t one-off attacks in the year; the study showed that 31% of businesses estimated they were attacked at least once a week.
In fact, BlackBerry’s Threat Research team reports that small and midsized businesses (SMBs) are an increasing focus of attack, facing upward of 11 cyberthreats per device, per day – a number much higher than enterprises.
For large businesses, injecting funding into their cyber defences can be an effective solution, adding comprehensive security software, specialist skills and resources to bolster defences. For smaller businesses, the answer is not as straightforward – and the consequences can be fatal. According to a study by the Ponemon Institute, 60% of SMBs go out of business within six months of a cyberattack due to reputational and financial damage. For them, an attack is a death sentence. But it doesn’t have to be. Here’s how.
Why underestimating the smaller details is creating the bigger problems
The news cycle is littered with sophisticated cyberattacks from across the world. Seeing this, small businesses may anticipate highly technical attacks on their infrastructure. However, the 2022 BlackBerry Threat Report reveals this is rarely the case.
Cybercriminals are relying on older techniques to target smaller businesses with high-volume, scattergun outreach. Whilst this may be surprising, it is proving to be incredibly effective.
The most common attacks are the simplest ones, and older techniques such as phishing and watering hole attacks have been popularised by the proliferation of digital channels such as SMS and mobile phone apps. BlackBerry’s research discovered that out of the nearly 40% of UK businesses that identified an attack, the most common threat vector was phishing attempts (83%), while only one in five businesses identified the anticipated sophisticated techniques of malware and ransomware.
Even the messiest threat actors are succeeding, despite lacking the flair of big ransomware groups. In multiple incidents, threat actors left behind playbook text files containing IP addresses and more. Despite being less technically advanced, cybercriminals were able to infiltrate organisations’ barriers because small businesses continue to use older technologies and infrastructure for protection. SMBs will remain prime and easy targets, even for the simplest of attacks, if they fail to upgrade and boost their security. Last year was a testament to this, with an overabundance of attacks on SMB targets. So how can we guard against this?
People, solutions, attitudes: How businesses can build their level of protection
Before even thinking about which cybersecurity solution they should get, many SMB leaders will be thinking about how much employing a whole team or subscribing to cyber software will cost. Luckily, it’s possible to outsource help and gain a level of protection that few organisations can otherwise afford on their own.
There are three avenues small businesses should consider:
1. People. Many SMBs around the world are seeing a digital skills gap, meaning teams are either thinly stretched or non-existent. To avoid the struggle of finding excess staff, businesses can engage a Managed Security Service Provider (MSSP). An MSSP provides outsourced monitoring and management of security devices and systems. They give customers 24/7 services which maintain a strong security defence.
2. Solutions. Many SMBs fear that they don’t have the visibility or power to stop cyber threats. By collecting and analysing data from multiple sources, Extended Detection and Response (XDR) gives businesses a complete view of all potential network and endpoint vulnerabilities, so enterprise security personnel can more effectively prevent cyberthreats. XDR can detect threats as they happen, allowing security teams to investigate and act quickly, and it provides 365x24x7 threat monitoring, keeping businesses secure even at weekends and during holidays. In the event of a cyberattack, XDR enables faster discovery, response and remediation, freeing up valuable resources to focus on more impactful projects.
3. Attitudes. No number of outsourced services or technologies can prevent human error. However, it’s possible to reduce it by introducing positive security attitudes and cultures. A Zero Trust security model addresses this by assuming every user, endpoint, and network is potentially hostile. No user can access anything until they prove who they are, that their access is authorised, that they’re not acting maliciously, and that the Wi-Fi or cellular network they are connected to is not compromised.
Before disaster strikes, call in backup
Many SMBs might feel alone during the cybersecurity crisis, but they needn’t. Backup is out there, whether in the form of people who can help serve your cybersecurity needs, solutions which automate responses, or a strong sense of Zero Trust among every member of your team.
Given the existing threat landscape, visibility across the entire security function is a necessity. Consider adding Google Workspace policies to ensure the security of data and the protection of user privacy. Furthermore, there is a wealth of solutions available to enable SMBs to be proactive in building the right defence strategy. Software solutions like Seraphic allow you to elevate web and data security standards with a complete enterprise browser security and governance solution: a secure enterprise browser for all. A future in which SMBs are confident to use the tools and resources around them will see far more of them not just survive but actively shield themselves against potential cyberattacks for many years to come.