SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
Cyber criminals persisting in efforts to infiltrate SMBs - report
Wed, 5th Jul 2023

In the lead-up to International SMB Day, established by the United Nations, Kaspersky has unveiled a comprehensive report, highlighting the increasing peril faced by small and medium-sized businesses (SMBs) in the current cyber threat landscape.

As SMBs comprise 90% of all businesses globally, and contribute up to 50% of the world's gross domestic product, according to United Nations data, there is increasing urgency for stronger cybersecurity measures to protect these economic powerhouses.

The latest Kaspersky Threats to SMB report exposed an ongoing and troubling reality as cyber criminals continue to target SMBs with a range of sophisticated tactics.

It showed the number of SMB employees encountering malware or unwanted software disguised as legitimate business applications has remained relatively steady year-on-year (2,478 in 2023 compared to 2,572 in 2022), and cyber criminals are persisting in their efforts to infiltrate these businesses.

The fraudsters employ a multitude of methods, including exploiting vulnerabilities, employing phishing emails, deceptive text messages, and even utilising seemingly harmless YouTube links, all with the aim of gaining unauthorised access to sensitive data. This concerning trend underscores the urgent need for enhanced cybersecurity measures to safeguard SMBs from the relentless onslaught of cyber threats. The report reveals that the total number of detections of these malicious files aimed at SMBs during the first five months in 2023 reached 764,015.

Exploits were the most prevalent threat to SMBs, accounting for 63 percent (483,980) of all detections during the first five months of 2023. These malicious programs target software vulnerabilities, permitting cyber criminals to run malware, elevate their privileges, or disrupt critical applications without any user interaction.

Phishing and scam threats also pose a significant risk to SMBs, with cyber criminals adeptly tricking employees into divulging confidential information or falling victim to financial scam. Examples of such deceptive tactics include fake banking, delivery, and credit service pages designed to deceive unsuspecting individuals.

Moreover, the Kaspersky report draws attention to a frequently utilised method for infiltrating employees' smartphones, referred to as 'smishing', a combination of SMS and phishing.

This technique involves the victim receiving a text message with a link, distributed through various platforms like SMS, WhatsApp, Facebook Messenger, WeChat, and others. If the unsuspecting user clicks on the embedded link, their device becomes vulnerable to the upload of malicious code, compromising its security.

The data used in this report was collected from January to May 2023 via Kaspersky Security Network (KSN), a secure system for processing anonymised cyberthreat-related data voluntarily shared by Kaspersky users.

Kaspersky experts scrutinised the most widely used software used by SMBs worldwide, including MS Office, MS Teams, Skype, and others. By cross-referencing this software against KSN telemetry, the researchers determined the extent of malware and unwanted software distributed under the guise of these applications.

Vasily Kolesnikov, a security expert at Kaspersky, says, "The vulnerabilities faced by SMBs are not to be underestimated. As these businesses are the backbone of most countries' economies, it is crucial that governments and organisations alike step up their efforts to safeguard these enterprises. Awareness and investment in robust cybersecurity solutions must become a top priority to protect SMBs from evolving cyber threats."

To protect your business from cyber threats, Kaspersky implores SMBs to consider the following guidelines:

  • Provide staff with basic cybersecurity hygiene training. Conduct a simulated phishing attack to ensure that they know how to distinguish phishing emails.
  • Use a protection solution for endpoints and mail servers with anti-phishing capabilities to minimise the chance of infection through a phishing email. If using Microsoft 365 cloud service, do not forget to protect it too. 
  • Set up a policy for access to corporate assets, including email boxes, shared folders, and online documents. Keep it up to date and remove access if an employee no longer needs the details to do their job or when they leave the company.
  • Use cloud access security broker software that can help manage and monitor employee activity within cloud services and enforce security policies.
  • Make regular backups of essential data to ensure corporate information stays safe in case of emergencies.
  • Use professional services to help you get the most out of your cybersecurity resources.