Almost Half Of Cyber-Attacks Are Directed At SMEs

Uploaded on 2018-10-25 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW

Cyberattacks on big companies often make headlines, but some 43% of all cyberattacks actually target SMEs, according to data compiled by SCORE

Macro malware is the most impactful form of cybercrime affecting SMEs currently, according to a  press release announcing the findings.

In 2017 alone, SMEs in the US faced 113,000 incidents of macro malware, the release said. Macro malware is often found in malicious email attachments, appearing as a word processing document or similarly familiar type of file.

Of the 269 billion emails sent and received last year, 39% were spam, the release said. Small business owners and security pros can protect themselves from these macro malware attacks in two specific ways. 

  • The first, which is obvious, is to avoid downloading attachments from unknown senders. 
  • Secondly, though, one can disable macros in Microsoft applications as a further form of protection.

Online banking attacks were also prevalent among SMEs last year. These attacks often use malware to steal account credentials or credit card data. To protect themselves, SME owners should directly type in the bank's website address and double check it before visiting, while also enabling multi-step authentication on their online banking account.

Ransomware is also still alive and well. In 2017, SMEs were affected by 54,000 ransomware incidents, the release said. Ransomware is a form of malware that, once downloaded, encrypts a victim's files until a monetary ransom is paid, often in cryptocurrency. However, many experts recommend not paying the ransom, as only  19% of victims who pay actually get their data unlocked.

The ransom cost, on average, is relatively low, the release said, at $1,077. However, when the opportunity and recovery costs are factored in, that amount jumps to $133,000, the release noted, which could be unsustainable for many SMEs.

To stay safe, SMEs can "protect themselves by ignoring suspicious emails with urgent requests for personal information, avoiding opening emails from unknown contacts, and regularly updating software to patch vulnerabilities," the release said.

TechRepublic:

You Might Also Read:

Five Key Ways to Protect Your Company Against Cyber Attacks

« New iPhone Bug Gives Anyone Access To Your Photos
New Partnership To Combine Cyber AI And Forensics »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Montash

Montash

Montash is an award winning, global technology recruitment business, specialising in the acquisitions of high-performing talent across a number of core disciplines including Information Security.

Truth Technologies Inc (TTI)

Truth Technologies Inc (TTI)

TTI is a premier provider of worldwide anti-money laundering, anti-fraud, customer identification, and compliance products and services.

Ilex International

Ilex International

Ilex International is a European software vendor which specialises in Identity & Access Management solutions.

SCIS Security

SCIS Security

SCIS Security provides affordable cyber security services and solutions to small to medium sized businesses and homes.

CopSonic

CopSonic

Copsonic provide a technology solution based on ultrasonic waves to send secure and encrypted data between two devices in order to achieve authentication.

SITA

SITA

SITA is a multinational information technology company providing IT and telecommunication services to the air transport industry including vulnerability assessments and managed security services.

CyberSAFE Malaysia

CyberSAFE Malaysia

CyberSAFE Malaysia is an initiative to educate and enhance the awareness of the general public on the technological and social issues and risks facing internet users.

Naoris Protocol

Naoris Protocol

Naoris is the world’s first holistic blockchain-based cybersecurity ecosystem, bringing a game-changing solution to address 35 years of industry similar practice.

DigiByte (DGB)

DigiByte (DGB)

DigiByte (DGB) is a rapidly growing global blockchain with a focus on cybersecurity for digital payments & decentralized applications.

IntaPeople

IntaPeople

IntaPeople are IT and engineering recruitment specialists. We have specialist teams for job sectors including Cybersecurity, IT infrastructure and DevOps.

Satori Cyber

Satori Cyber

The Satori Cyber Secure Data Access Cloud is the first solution on the market to offer continuous visibility and granular control for data flows across all cloud and hybrid data stores.

Entara

Entara

Entara (formerly YJT Solutions) is an eXtended Service Provider (XSP) focused on providing cutting edge technology and cyber security solutions to companies in regulated industries.

Synoptek

Synoptek

Synoptek is a global systems integrator and managed IT services provider (MSP). We offer comprehensive IT management and consultancy services to organizations worldwide.

Cyber Octet

Cyber Octet

Cyber Octet is an IT Solution, Security, Training and Services company. We provide training and services from Web Application Security to ISO 27001 implementation.

ZainTech

ZainTech

Zaintech is a regional digital & ICT solutions provider offering comprehensive digital solutions and services to enterprise and government customers in the MENA region.

Box

Box

Box is the Cloud Content Management company that empowers enterprises to revolutionize how they work by securely connecting their people, information and applications.