A raft of recent reports highlight the threat small and mid-sized businesses (SMBs) face from ransomware and other lurking cyber dangers. Much of the media attention has been focused on situations where critical infrastructure is at risk: dams, power plants, utilities, and election systems. For SMBs, essential infrastructure backbones – within their own organizations – can often be the weakest links, and hackers know how to target them.

Most ransomware attacks don’t grab headlines

A new report by Barracuda Networks warns of the dangers to small and medium businesses and says that most ransomware attacks are not headline-grabbers.

“The attacks are often sophisticated and extremely hard to handle for small businesses,” the report states.

The report also highlights various types of attacks and their impacts on small businesses and offers actionable solutions for SMBs, such as:

    • Disable macros: Implement execution prevention by disabling macro scripts from Microsoft Office files transmitted via email.
    • Set up network segmentation: Implement robust network segmentation to help reduce the spread of ransomware if it does get into your system.
    • Remove unused or unauthorized applications: Investigate any unauthorized software, particularly remote desktop access software or remote monitoring software, either of which could be signs of a security compromise.
    • Enhance web application and API protection services: Secure your web applications from malicious hackers and bad bots by enabling web application and API protection services, which offer a variety of security features including distributed denial of service (DDoS) protection.
    • Reinforce access control on backups: Backup should be offline and cloud access credentials should vary from normal credentials – so if a system password gets compromised, the backup files, stored in the cloud, will likely remain safe..

These are all tips that are very granular, very actionable, and would go a long way towards stopping an attack in its tracks.

Some verticals are at higher risk

While SMBs in general having a target on their backs, some specific markets are more attractive to bad actors than others.

For instance, a business was hacked that printed deposit envelopes for banks. The bad actor was able to move laterally into one of their financial client’s systems. At first glance, the envelope company looked like a printing business, but once they start printing envelopes for a bank, they become part of the financial ecosystem and therefore more vulnerable.

A printing house that only produces wedding invitations and graduation announcements likely wouldn’t be as appealing to a hacker.

The Barracuda report spotlights some of the most vulnerable markets, including municipalities, financial services, education, and healthcare. The report says:

While attacks on municipalities increased only slightly, our analysis over the past 12 months showed that ransomware attacks on educational institutions more than doubled, and attacks on the healthcare and financial verticals tripled. Infrastructure-related attacks have quadrupled, which signals cybercriminals’ intent to inflict greater damage beyond the impact on the immediate victim.

The report concludes that the entire web of critical ecosystems is vulnerable to nation and state-sponsored cyberattacks. “Those are the threat actors most likely to be going after infrastructure targets,” write Barracuda researchers.

Budgets vs Threats

Cybersecurity budgets are not keeping pace with threats. Too many companies still view cybersecurity expenditures as a luxury – until they get hacked.

A new survey by a San Diego-based security firm backs up this assertion. At the time of this writing (late 2022), a global leader in cybersecurity has just released its annual report, which surveyed over 1,200 cybersecurity decision-makers from small-to medium-sized businesses in Europe and North America.

According to the new data, 74% of SMBs in North America and Europe believe they are more vulnerable to cyberattacks than enterprises. And while these decision-makers are concerned about the possible implications of an attack – most notably loss of data, financial impacts, and loss of customer confidence and trust – 70% of businesses surveyed admitted that their investment in cybersecurity has not kept pace with recent changes to their operational models (i.e., hybrid working).

Closer to home, the top three challenges identified by SMBs in North America were:

    • An inability to keep up with the latest cybersecurity threats (54%)
    • Keeping up with the latest cybersecurity approaches and technologies (50%)
    • Budget limitations/lack of investment in cybersecurity (49%)

The irony on the budget limitations is that, if an SMB must clean up the mess from a severe breach, that could put them out of business completely – a very final limitation indeed.

If you’d like to discuss what vulnerabilities your organization needs to worry about, or how much you should plan on budgeting for, please reach out to us. We’re happy to help.