Almost Half Of Cyber-Attacks Are Directed At SMEs

Cyberattacks on big companies often make headlines, but some 43% of all cyberattacks actually target SMEs, according to data compiled by SCORE

Macro malware is the most impactful form of cybercrime affecting SMEs currently, according to a  press release announcing the findings.

In 2017 alone, SMEs in the US faced 113,000 incidents of macro malware, the release said. Macro malware is often found in malicious email attachments, appearing as a word processing document or similarly familiar type of file.

Of the 269 billion emails sent and received last year, 39% were spam, the release said. Small business owners and security pros can protect themselves from these macro malware attacks in two specific ways. 

  • The first, which is obvious, is to avoid downloading attachments from unknown senders. 
  • Secondly, though, one can disable macros in Microsoft applications as a further form of protection.

Online banking attacks were also prevalent among SMEs last year. These attacks often use malware to steal account credentials or credit card data. To protect themselves, SME owners should directly type in the bank's website address and double check it before visiting, while also enabling multi-step authentication on their online banking account.

Ransomware is also still alive and well. In 2017, SMEs were affected by 54,000 ransomware incidents, the release said. Ransomware is a form of malware that, once downloaded, encrypts a victim's files until a monetary ransom is paid, often in cryptocurrency. However, many experts recommend not paying the ransom, as only  19% of victims who pay actually get their data unlocked.

The ransom cost, on average, is relatively low, the release said, at $1,077. However, when the opportunity and recovery costs are factored in, that amount jumps to $133,000, the release noted, which could be unsustainable for many SMEs.

To stay safe, SMEs can "protect themselves by ignoring suspicious emails with urgent requests for personal information, avoiding opening emails from unknown contacts, and regularly updating software to patch vulnerabilities," the release said.

TechRepublic:

You Might Also Read:

Five Key Ways to Protect Your Company Against Cyber Attacks

« New iPhone Bug Gives Anyone Access To Your Photos
New Partnership To Combine Cyber AI And Forensics »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

NuHarbor Security

NuHarbor Security

NuHarbor is a leading information security consulting and advisory firm specializing in Information Security, Compliance, and Risk Management.

Okta

Okta

Okta is an enterprise-grade identity management service, built from the ground up in the cloud to address the challenges of a cloud-mobile-interconnected world.

Business Intelligence Associates (BIA)

Business Intelligence Associates (BIA)

BIA's TotalDiscovery is a defensible and cost-effective corporate preservation and legal compliance software solution.

Optimum Insurance

Optimum Insurance

Optimum's Cyber Risk & Data Protection Insurance policies are designed to protect against cyber exposures that arise when a company’s data and customer information is breached or stolen.

Reblaze Technologies

Reblaze Technologies

Reblaze provides the world’s best security technologies in a cloud-based website security platform.

Haystax Technology

Haystax Technology

Haystax’s security analytics platform applies artificial intelligence techniques to identify and prioritize threats in real time.

Information Network Security Agency (INSA) - Ethiopia

Information Network Security Agency (INSA) - Ethiopia

INSA's vision is to realize a globally competent National Cyber capability which plays a key role in protecting the national interests of Ethiopia.

C3.ai

C3.ai

The C3 AI Suite supports configurable, pre-built, high value AI applications for predictive maintenance, fraud detection, anti-money laundering, sensor network health and more.

Swiss Cyber Think Tank (SCTT)

Swiss Cyber Think Tank (SCTT)

The Swiss Cyber Think Tank is a business network for Cyber Risk & Insurability, providing an industry-wide networking platform for insurers, technology and security firms.

SaltStack

SaltStack

SaltStack develops award-winning intelligent IT automation software. We help businesses more efficiently secure and manage all aspects of their digital infrastructure.

Nordic Cyber Summit

Nordic Cyber Summit

Nordic Cyber Security Summit addresses a wide range of technological issues from the IT Security spectrum and also provides a wider perspective from all aspects of the industry.

Velta Technology

Velta Technology

Velta Technology provide digital safety and cybersecurity solutions for the industrial space.

SecureStream Technologies

SecureStream Technologies

SecureStream Technologies have built the IoT SafetyNet - the Network Security Analytics platform to Eliminate Security Threats, Guarantee Privacy, Ensure Compliance, Simply & Easily.

Nudge Security

Nudge Security

Nudge Security offer the world's first-ever SaaS security solution to discover shadow IT and curb SaaS sprawl across any device or location and nudges employees towards optimal security behavior.

Detego Global

Detego Global

Detego Global are the creators of the Detego® Unified Digital Forensics Platform, a suite of modular tools used globally by military, law enforcement and intelligence agencies, and enterprises.

Boltonshield

Boltonshield

Boltonshield provide a unique and proactive approach to cyber defence with managed security services, integrated technologies, and a team of security experts, ethical hackers and analysts.