Techblog
A guide to cyber security threats for SMEs
Despite the rising threat of cyberattacks, awareness of such threats remain low among SMEs. It is important that SMEs are aware of the different types of threats that may make their businesses vulnerable. Here are some of the more common form of attacks that SMEs should be aware of.
Ransomware
Ransomware is slowly becoming one of the more common forms of cyberattacks. Hackers steal and encrypt data, which is only released when money is given in exchange. Payment is usually in the form of one or two bitcoins, which is form of digital currency. The number of such attacks has increased in the last year, according to a report in The Business Times.
“There has been a spike in the number of ransomware cases reported this year,” said the director of operations at Cyber Security Agency of Singapore (CSA) Mr Dan Yock Hau. He added: “In the whole of 2015, there were only two reported cases. In comparison, in the first eight months of this year, 17 cases of ransomware have been reported.” It is possible that the number could be higher as many companies are not forthcoming about their data being compromised.
The companies that are often the target of such attacks usually employ poor, outdated cyber security tools. Companies should also note that paying the ransom does not guarantee that you will get your data back, so it is important to have back-ups safely stored away.
One such backup tool is Singtel’s Business Backup Suite that helps ensure your data is secure by keeping a copy of the files stored on your physical workstations and servers in highly secure SSAE 16 and MTCS-Singapore certified, Tier IV designed data centre. In the event that your data security is compromised and you need to restore it, the Business Backup Suite is able to quickly files and complete hard drive images with zero lead time.
Email Spear phishing
Spear phishing is a scam attempt that targets a specific organisation by disguising the attack as an email attachment, which sometimes contain a link pointing to a site which is used to steal personal information. Spear phishing is targeted – they usually know some personal information about the recipient including their name or where they live. This makes the recipient less likely to delete the email.
These emails are often sent by criminal hackers because they may want to steal credit card or bank account information. Sometimes, these hackers may specifically target certain employees of an organisation like the chief financial officer so that they can illegally transfer funds. It is also possible that a hacker can use spear phishing to remotely wipe your computer so that a user loses all his data and information.
To address such attacks, companies can protect themselves by enhancing their email security with solutions like Email Security-as-a-Service. The cloud-based solution eliminates the need for complicated hardware and software. It provides anti-virus and anti-spam protection for emails by blocking viruses and spams before they penetrate the network. Secure Email Gateway is another solution that helps keep your email content free from such attacks by scanning and identifying content that contains spams and viruses.
Mobile Malware
As smartphone penetration continues to rise globally and especially in Singapore, mobile malware remains a significant threat. As such, cyber criminals are now developing viruses that are just for mobile platforms. These criminals develop mobile apps that look similar to mobile games that would entice people to download them. The malware infects the phone when victims download these “apps”. Malware can also be downloaded when users log on to their email via their phones. This malware can enable criminals to steal personal information and use it to illegally transfer funds to the hackers.
As such, it is important to be aware of these types of attacks and take steps so as to reduce the chances of being a victim of these malwares. One way to do so is to read reviews before downloading an app. Additionally, make sure you download an app from a reputable app store. Furthermore, make sure you never click on a link in an email, social networking site or message from someone you do not know. There are various solutions available to mitigate potential malware on mobile devices that businesses can explore to see which is most relevant.
Essentially, it is important to be aware of common forms of cyberattacks so as to reduce your vulnerability towards these attacks.
- As ransomware attacks are getting more popular, ensure that your security system is properly updated.
- Make sure you have adequate back-up solutions available so that your business is not as vulnerable to ransomware attacks.
- Employ a good e-mail security platform that will be able to scan the content of your e-mail for viruses and spams that may target your business.
- It is not just your computer that is vulnerable to cyberattacks. Smartphones are increasingly favoured by criminals who may install malwares to steal personal information. Consider solutions that can help mitigate attacks via mobile devices.