The State of Cybersecurity: What SMBs Should Know
From the largest enterprise to the smallest SMB, cyberattacks are targeting companies of every size and already proving to be one of the most significant risks facing businesses in 2021.
This threat is particularly concerning for SMBs, who often do not have as many resources available to protect themselves as their larger enterprise peers. On top of that, the impact on their reputation and bottom line may be magnified. Meanwhile, they face many of the same threats.
Understanding how to mitigate this risk starts by having a thorough understanding of the threat landscape today. From there, an SMB can make an informed decision on what areas make the most sense for them to invest as part of their cybersecurity strategy.
Here are a few insights into the state of cybersecurity today:
Ransomware impact remains significant
— From the Colonial Pipeline attack to the Irish healthcare system, ransomware’s impact in 2021 has been significant. Ransomware disrupts a company’s operations by encrypting critical files or systems until a ransom is paid (sometimes in the millions of dollars). Researchers have those individual variants of ransomware decreased in 2020, and attackers were trending towards more targeted attacks.
Remote work leads to larger attack surfaces
— While the increasing number of Internet of Things and other connected devices has been happening for quite some time, the rapid transition to remote work certainly accelerated the trend over the past year. Cybersecurity researchers estimate that the pandemic accelerated the digital shift by seven years and found that cybercriminals also adapted their tactics to take advantage of this new landscape and increase their attacks.
Critical infrastructure remains vulnerable
— While many protections have historically focused on IT networks, it is essential not to ignore critical infrastructure security. Critical infrastructure includes various things, such as manufacturing plants, connected building automation, utility systems, and more. According to cybersecurity researchers, attacks on these networks and systems increased threefold in 2020 and included phishing scams, bots, ransomware, and malware exploiting unpatched vulnerabilities.
Supply chain attacks
— Just as 2021 began, news emerged of a significant attack on SolarWinds, which sells software used by everyone from SMBs to top government agencies, highlighted the critical nature of supply chain security. The vulnerabilities in the software put the customer companies at risk, highlighting the importance of supply chain security and ensuring the integrity of all software entering your environment.
Cryptojacking on the rise
— Cryptomining is when “miners” validate blockchain transactions in exchange for cryptocurrency. When hackers take control of victim’s systems and use their computer processing power to sneakily mine cryptocurrency for their own profit, this process is called cryptojacking. Researchers tracked a lull in malicious cryptojacking in 2019, but the volume of malware detections increased in Q4 2020 as the price of bitcoin and other cryptocurrencies jumped dramatically.
These trends represent a few of the emerging and evolving elements of the cybersecurity risk landscape right now. SMBs and other companies that want to ensure their businesses and customers are protected should constantly educate themselves on the latest security state.
