Ransomware: Why Are Small to Midsize Enterprises Targeted Most Often?
The majority of cyber-attacks happen to small businesses and midsize enterprises. With the average cost of a cyber-attack close to a quarter of a million dollars, it is not surprising that many businesses close within 6 months of a cyber-attack. According to a survey of managed service providers for SMEs, only 30 percent felt that ransomware was a critical threat, perhaps indicating an attitude that it only affects larger corporations. Smaller businesses may, in fact, be more at risk because of several key factors.
Lack of Cybersecurity Training
Any company that connects to the internet and holds data of any kind is at risk from threat actors. This means every organization is at risk. With that in mind, every company should invest in cybersecurity training from the outset. However, it’s clear that this is not yet the case. A highly trained employee with a full understanding of cybersecurity will report an obvious phishing email to their relevant security officer. A poorly trained employee may be fooled, click the link, and inadvertently introduce malware to the system, allowing a ransomware attack to occur.
Fewer Cybersecurity Defenses
Even security-savvy businesses may not have the know-how or the funds to invest in the right kind of cybersecurity to defend against threat actors. As a generalization, the smaller a business is, the more likely it is to have holes in its defenses that criminals can use to gain access to the business network.
Fewer IT Resources
Small to midsize enterprises may have their own onsite IT teams, or they may rely on managed service providers (MSPs) to firefight any issues they have. However they access their IT support, the chances are it will be of a lower caliber than that available to larger companies, and overall, smaller businesses will have access to fewer IT resources. It may not even have occurred to them to invest in cyber insurance, although if they have, it’s in the insurer’s interest to recommend services like onsite incident response plans to prevent large payouts.
Perception of Risk
When a startup is passionate about a product or service, cybersecurity may be the last thing on their minds. Hopefully, as articles like this highlight the risks, this attitude is fading. But the simple fact that manufacturing is one of the hardest-hit industries worldwide shows that there’s a startling misconception that only “digital” companies are at risk.
Connections to External Suppliers
Threat actors don’t always come at an organization head-on. In fact, it’s common for cybercriminals to look for ways to access an organization via partners, suppliers, or service providers linked to the company. The smaller a business is, the more likely it is to rely on other vendors or suppliers to provide it with a range of services. These might range from logistics to waste disposal or even remote monitoring stations for equipment for manufacturing firms. Every digital link to another organization is a potential backdoor for ransomware gangs. Combine this with the other risks highlighted above, and it’s clear why opportunistic criminals will often target smaller businesses first.
This content was originally written by Blue Team Alpha and has been reposted here with permission.