SMBs at most risk from rudimentary cyber attacks, not sophisticated hacking

Computer security company eSentire warns in its latest Cyber Threat Study, which examines the cyber threats faced by SMBs, that the largest IT security risk they face is not sophisticated, targeted threats but basic, unsophisticated attacks that many SMBs are not prepared for.

“Since 2014 cybercrime rates have been on a steep trajectory, rising in both frequency and complexity. And in the space of two years – not surprisingly – small and mid-sized organisations have become a popular attack target,” said Mark McArdle, chief technology officer at eSentire.

He continued: “Unlike their larger peers, mid-sized enterprises often lack the resources and budget required to maintain the robust defences required to defend against today’s attacks.”

Nonetheless, SMBs now account for nearly two-thirds of all security incidents involving loss of data, the company added.

For example, a remote login service that is exposed to the internet without a boundary firewall configured to automatically block brute-force attacks will eventually attract such attacks. “For clients who do not expose services or protect them with robust perimeter defences (and who are running good configurations), the number of incidents in this category is nearly nil,” it advises.

Basically, what it is saying is that SMBs are leaving themselves open through security holes in their boundary firewall setup, which invite attacks on their network.

eSentire recommends a series of measures to alleviate the risks of running remote login services exposed to the internet, including two-factor authentication, whitelist-based access control, rate-limiting incoming connections, and even automating IP-based lock-outs.
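As an added illustration (not code from eSentire or its report), the sketch below shows the decision logic behind an automated IP-based lock-out combined with a whitelist: it counts failed logins per source in a sliding window and exempts whitelisted ranges. The log format, threshold, window and addresses are all assumptions constructed for the example.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta
from ipaddress import ip_address, ip_network

# Assumed policy values for illustration; none of these come from the report.
ALLOW_LIST = [ip_network("203.0.113.0/28")]  # trusted admin range (constructed)
MAX_FAILURES = 5                             # failures tolerated inside WINDOW
WINDOW = timedelta(minutes=2)

# Assumed format: ISO timestamp, host, then a standard sshd failure message.
FAILED = re.compile(r"^(\S+) \S+ sshd\[\d+\]: Failed password for "
                    r"(?:invalid user )?\S+ from (\S+) port \d+")

def lockout_candidates(lines):
    """Return {ip: time the threshold was crossed} for sources to lock out.
    Lines are expected in chronological order."""
    recent = defaultdict(deque)  # ip -> failure timestamps still inside WINDOW
    locked = {}
    for line in lines:
        m = FAILED.match(line)
        if not m:
            continue  # successful logins and unrelated lines are ignored
        ts, ip = datetime.fromisoformat(m.group(1)), ip_address(m.group(2))
        if any(ip in net for net in ALLOW_LIST) or str(ip) in locked:
            continue  # never lock out whitelisted ranges; skip known offenders
        q = recent[ip]
        q.append(ts)
        while ts - q[0] > WINDOW:  # drop failures older than the window
            q.popleft()
        if len(q) >= MAX_FAILURES:
            locked[str(ip)] = ts
    return locked

def sample_log():
    """Constructed sshd-style lines (not real data)."""
    def fail(t, ip, user="root"):
        return (f"2024-05-01T{t} gw sshd[811]: Failed password for {user} "
                f"from {ip} port 50022 ssh2")
    lines = [fail(f"10:00:{s:02d}", "198.51.100.7") for s in range(0, 60, 10)]
    lines += [fail(f"10:{m:02d}:00", "192.0.2.44", "invalid user admin")
              for m in range(0, 15, 3)]      # slow: 5 failures over 12 minutes
    lines += [fail(f"10:01:{s:02d}", "203.0.113.5") for s in range(0, 60, 10)]
    lines.append("2024-05-01T10:02:00 gw sshd[811]: Accepted publickey for "
                 "ops from 203.0.113.5 port 50100 ssh2")
    return sorted(lines)                     # ISO timestamps sort by time

if __name__ == "__main__":
    print(lockout_candidates(sample_log()))
```

The returned addresses would feed whatever blocking mechanism the perimeter firewall provides; the slow source staying under the threshold shows why lock-outs complement, rather than replace, two-factor authentication and whitelisting.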

In general, SMBs are putting themselves at risk by running outdated software that is exposed to the internet, which enables old exploits to be deployed against them with impunity. The company again advises limiting the number of internet-facing services hosted on the company’s main network, installing application-based firewalls for services that have no choice but to be exposed to the internet, and using tools that help stop unauthorised changes to content hosted on their systems.

“Whether large or small, the truth facing all businesses is that technology simply isn’t enough to guard against today’s attack vectors. Regardless of how many layers of traditional technology (intrusion protection/detection systems, security information and event management or SIEM, anti-virus systems and so on) organisations deploy, attackers will find new vectors to their targets.”

SMBs fall foul of attacks that can be prevented with basic security measures and staff training.

Over 2 years the company accumulated and analysed data from monitoring clients’ networks and IT infrastructures.

The unglamorous truth, the report claims, is that “organisations operating in this space commonly have their perimeter security bypassed by rudimentary, unsophisticated (but still highly effective and successful) attack vectors”.

Approximately one-third of all incidents involved preventable brute-force attacks that originated as a result of poor perimeter defences. “Even when organisations have good technologies in place, poor configuration can result in a higher incidence of brute force attacks,” the report adds.