SMBs (Small and Medium Sized Businesses) are in the unenviable position of becoming the major target of cyber crime groups. Why is this? There are a couple factors in play that may make your company more susceptible to this emerging threat.
First, the SMB probably has more money in their bank checking and savings accounts than a typical consumer target would have, meaning that for roughly the same amount of effort, an exploit against an SMB will yield many times more return that the same exploit run successfully against an individual. SMBs are also more use to seeing money moving around through their accounts in wire transfers and automatic payments than an individual would normally see. Unauthorized transfers and payments are more likely to be missed or unquestioned in a small business environment. Sometimes the SMB has intellectual property or trade secrets that are extremely valuable and are the target at risk.
Second, the SMB target probably will have considerably less security in place than a larger Enterprise class business usually deploys. There may be no hardware firewall, and no coherent access or password policy in place. If there is a firewall, ports may remain open that should be blocked, and the firewall may still have the default administrative user name and password in place, which make it a trivial task for the attacker to log in and take control of the network. It is less likely that there is a full time network administrator on premise who is monitoring access logs and performing routine security tasks. Plus employees are probably bringing their own laptops or smartphones into the company and connecting them to the company network. This trend toward BYOD (bring your own device) in workplace networks provides another easy attack vector.
“Why me” you ask? You may have been randomly targeted as part of a large random group attack, using methods similar to those used in consumer exploits, such as SPAM emails with dangerous links, or Phishing exploits designed to trick you into giving up your user credentials to bank accounts or similar resources. Or you may have been specifically targeted because the attacker is already determined that you are a high value target; that your bank accounts or intellectual property such as designs, patents, or processes is worth the effort to acquire. You may have been specifically targeted by someone working for a competitor or a foreign government.
What is the answer? You need to develop a security plan for your company. This will probably mean hiring an outside Information Technology company with a strong security specialization to help you. The should perform an on–site security evaluation, and something called a penetration test, where they attack your network as a cyber-criminal would to uncover vulnerabilities, and then recommend a course of action design to plug the gaps and harden the network from attack. It would also provide training to your employees on how to be vigilant for the tricks and methods of an attacker. They may also help you set up an Password Policy and Acceptable Use Policy for your employees. Of course, this is something that we do here at WyzGuys, so if you are in the market, you might as well call us first. But you ought to do something now, instead of hiring the same team to assess the damages after the horse has been taken from the barn.Share