Almost Half Of Cyber-Attacks Are Directed At SMEs

Cyberattacks on big companies often make headlines, but some 43% of all cyberattacks actually target SMEs, according to data compiled by SCORE

Macro malware is the most impactful form of cybercrime affecting SMEs currently, according to a  press release announcing the findings.

In 2017 alone, SMEs in the US faced 113,000 incidents of macro malware, the release said. Macro malware is often found in malicious email attachments, appearing as a word processing document or similarly familiar type of file.

Of the 269 billion emails sent and received last year, 39% were spam, the release said. Small business owners and security pros can protect themselves from these macro malware attacks in two specific ways. 

  • The first, which is obvious, is to avoid downloading attachments from unknown senders. 
  • Secondly, though, one can disable macros in Microsoft applications as a further form of protection.

Online banking attacks were also prevalent among SMEs last year. These attacks often use malware to steal account credentials or credit card data. To protect themselves, SME owners should directly type in the bank's website address and double check it before visiting, while also enabling multi-step authentication on their online banking account.

Ransomware is also still alive and well. In 2017, SMEs were affected by 54,000 ransomware incidents, the release said. Ransomware is a form of malware that, once downloaded, encrypts a victim's files until a monetary ransom is paid, often in cryptocurrency. However, many experts recommend not paying the ransom, as only  19% of victims who pay actually get their data unlocked.

The ransom cost, on average, is relatively low, the release said, at $1,077. However, when the opportunity and recovery costs are factored in, that amount jumps to $133,000, the release noted, which could be unsustainable for many SMEs.

To stay safe, SMEs can "protect themselves by ignoring suspicious emails with urgent requests for personal information, avoiding opening emails from unknown contacts, and regularly updating software to patch vulnerabilities," the release said.

TechRepublic:

You Might Also Read:

Five Key Ways to Protect Your Company Against Cyber Attacks

« New iPhone Bug Gives Anyone Access To Your Photos
New Partnership To Combine Cyber AI And Forensics »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Lutech

Lutech

Lutech is an Italian ICT engineering and services company. Business solution areas include cyber security.

Holm Security

Holm Security

Holm Security are taking vulnerability assessment into the next generation as a cloud service.

EY Advisory

EY Advisory

EY is a multinational professional services firm headquartered in the UK. EY Advisory service areas include Cybersecurity.

Virsec Systems

Virsec Systems

Virsec detects and remediates previously “indefensible” advanced memory-based attacks on critical applications and server endpoints.

Onfido

Onfido

Onfido is building the new identity standard for the internet. We digitally prove people’s real identities using a photo ID and facial biometrics.

Blok Cyber Security

Blok Cyber Security

Blok provide small businesses and sole traders, with affordable, managed Cyber Security Packages that offer immediate protection and peace of mind.

RedLegg

RedLegg

RedLegg is a master provider of information security services, a boutique, nimble, old-fashioned customer service company that enjoys the technology battlefield.

StrataCore

StrataCore

StrataCore is a single-source technology lifecycle advocate that works behind IT teams as a strategic partner to help them achieve peak enterprise outcomes.

Information Technology Solutions (ITS)

Information Technology Solutions (ITS)

Information Technology Solutions is a single source provider for managing and securing mission-critical IT services.

BrainStorm

BrainStorm

BrainStorm Threat Defense takes a new human-focused approach to security awareness that traditional training lacks. It’s a cutting-edge platform to make your users more security savvy.

Xoriant

Xoriant

Xoriant is a technology leader and execution partner throughout the Build, Run and Transform lifecycle for companies that create and use technology products.

Dropzone AI

Dropzone AI

Dropzone AI are creating a generational leap in SecOps by using AI to automate cyber expertise and tooling.

Astran

Astran

At Astran, we revolutionize data security by introducing a groundbreaking solution for data confidentiality headaches.

Intellinexus

Intellinexus

Intellinexus turns data into actionable insights to revolutionise decision-making in your business.

AuditBoard

AuditBoard

AuditBoard is the leading cloud-based platform transforming audit, risk, ESG, and InfoSec management.

Theori

Theori

Theori tackles the most difficult cybersecurity challenges from an attacker’s perspective and conquers them as the best strategic security experts.