Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label SMBs. Show all posts
SMBs
Australian Businesses Australian Government Cyber Security cyber threat Small Businesses SMBs

Australian SMBs Faces Challenges in Cyber Security


The internet has turned into a challenge for small to midsize businesses based in Australia. In addition to the difficulty of implementing innovative technology quickly and with limited resources because of the rate of invention, they also face the same cyberthreats that affect other organizations. Then, as 60% of SMBs close following a breach, companies that are breached are likely to fail later.

This has raised concerns of the regulators. 

According to a recent report by ASIC, ‘medium to large’ business firms are recently been reporting severe cyber security capabilities in comparison to other organizations, including supply chain risk management, data security, and consequence management.

In response to the aforementioned threats, the Australian government has announced an AU $20 million package to boost small businesses. An optional cyber "health check" program is being established as part of this to assist small business owners in assessing the maturity of their cyber security. A Small Business Cyber Resilience Service, which will offer a one-on-one service to assist small firms in recovering from a cyber assault, will also receive $11 million of the package. 

This initiative will focus on areas where SMBs are the most vulnerable. However, small firms will also need to take it upon themselves to place a lot greater emphasis on resilience than they have been doing in the face of growing cyber threats. 

The Risk in Numbers 

The ASIC research analysis found that small businesses are only slightly more effective than half of their medium and big counterparts in several areas, such as identifying threats and overcoming them.

The significant percentages of small businesses are as follows:

  • Do not follow or benchmark against any cyber security standard (34%).
  • Do not perform risk assessments of third parties and vendors (44%).
  • Have no or limited capability in using multi-factor authentication (33%)./ Do not patch applications (41%).
  • Do not perform vulnerability scans (45%). Do not have backups in place (30%).

The Cost to Small Business

The Annual Cyber Threat Report 2022-23 published by the Australian Signals Directorate reveals that the average cost of cybercrime has increased by 14% over the past year. Small firms paid $46,000, medium-sized organizations paid $97,200, and bigger enterprises paid $71,600.

Of course, that is a financial burden for any business, but it seems to be especially harmful for SMBs. Approximately 60% of small firms that experience a breach ultimately go out of business as a direct result of it.

These organizations face a real existential threat from cyber security. Even those who manage to escape the breach's direct costs still have to deal with the harm to their reputation, which can cost them partners and customers as well as short-term cash flow. In the best-case scenario, a cyberattack "just" prevents the small business from expanding and growing.

What can Small Businesses do? 

After identifying the restrictions on resources available to small businesses, the ASD and Australian Cyber Security Centre have designed the Essential Eight, a set of best practices for security and small enterprises. These are as follows:

  • Creating, implementing and managing a whitelist of approved applications. 
  • Implementing a process to regularly update and patch systems, software and applications.
  • Disabling macros in Microsoft Office applications unless specifically required, and training employees not to deploy macros in unsolicited email attachments or documents. 
  • Securing the configuration of web browsers to prevent harmful content, hence hardening user applications. Keeping browser extensions up to date and only using those that are required.
  • Restricting administrative privileges to those who need them. 
  • Configuring operating system patching through automatic updates.
  • Using strong, unique passwords and enabling multi-factor authentication. 
  • Isolating backups from the network and performing daily backups of important data.  

Read more »
Threat actors
Cyber Attacks Huntress SMB Report Malware Free Attacks RMM Software SMBs Threat actors

SMBs Witness Surge in ‘Malware Free’ Attacks


According to the first-ever SMB Threat Report from Huntress, a company that offers security platforms and services to SMBs and managed service providers (MSPs), the most common threats that small and medium businesses (SMBs) faced in Q3 2023 were "malware free" attacks, attackers' growing reliance on legitimate tools and scripting frameworks, and BEC scams.

“Malware Free” Attacks on the Rise

In 44% of cyberattack incidents, attackers tend to deploy malware. However, in the remaining 56% of events, scripting frameworks (like PowerShell) and remote monitoring and management (RMM) software were used along with "living off the land" binaries (LOLBins).

The increased use of RMM software has turned out to be a concerning trend that is challenging to reverse.

“At the SMB level, LOLBin use is especially concerning given the state of monitoring and review for many organizations. Many critical entities—from local school districts to medical offices—may find themselves at best leveraged for cryptomining or botnet purposes, and at worst, the victims of disruptive ransomware,” the researchers noted.

The researchers notes that in over 65% of security incidents, threat actors utilize RMM software as their methods for persistence or remote access mechanisms following the initial access to the victim user's system.

Since RMM tools are largely used as legitimate software, in case they are used for any intrusion purpose, they can readily evade anti-malware security and blend in with the environment when employed for infiltration purposes. Additionally, few small businesses audit the use of RMM tools.

“In some cases, Huntress has observed adversaries diversifying among several RMM tools, such as using a combination of commercial and open-source items, to ensure redundant access to victim environments,” the researchers noted. “Therefore, monitoring RMM tool use and deployment within defended or managed environments is an increasingly important security hygiene measure to ensure owners and operators can identify potential malicious installations.”

Additional Findings

Affiliates of ransomware and operators of business email compromise (BEC) persist in their targeting of end users through the use of phishing.

Notably, malicious forwarding or other inbox rules were engaged in 64% of identity-focused assaults that SMBs faced in Q3 2023, while logins from strange or suspect places were linked to 24% of these attacks.

“While the ultimate goal of such activity remains, in most cases, BEC, defensive visibility and adversary kill-chain dependencies mean these actions are largely caught at the account takeover (ATO) phase of operations,” the experts concluded.

In 2023, Qakbot-related cybersecurity incidents have declined, with this downward trend anticipated to continue.

The findings further note that 60% of ransomware incidents were caused by uncategorized, unknown or "defunct" ransomware strains. This demonstrates a variation in the kind of ransomware frequently observed in corporate settings, where "known-variant ransomware deployments" are the primary target.

“Whether for monetization purposes through ransomware or BEC, or potentially even state-directed espionage activity, SMBs remain at risk from a variety of entities,” the researchers added. 

The researchers further raised concerns towards the adversaries that are exploiting the gaps in  users’ visibility and awareness over evading security controls. While spam filtering and a solid anti-malware program used to be enough for a small business to "get by," the current threat landscape makes these straightforward efforts inadequate.


Read more »
SMBs
CISA Cyber Securities Cyberattacks IIT Small Businesses SMBs

Cybersecurity Experts are Scarce for Companies and SMBs

 


In 2023, more than half of small and midsized businesses (SMBs) intend to increase their expenditures on cybersecurity — which is a positive development since six out of ten firms (61%) do not have cybersecurity staff, about half (47%) do not have incident response plans, and 40% do not conduct formal awareness training on cybersecurity. 

A study by Huntress of IT professionals at small and medium-sized businesses with 250 to 2,000 employees published on March 15 indicates that although many of the respondent organizations have deployed a range of cybersecurity products, they found that they are not the only ones. Even though they tend to ignore basic defensive measures (email security (86%), endpoint protection (79%), and network protection (73%), the US Cybersecurity and Infrastructure Security Agency (CISA) recommended recently that workers supplement their password security with two-factor or multiple-factor authentication as a means of strengthening their password security.  

As a result of their lack of preparation, understaffing, and/or under-resourcing, a majority of these companies feel unprepared or under-resourced to respond to evolving threats. Many of these businesses face difficulties obtaining cybersecurity insurance coverage and ensuring their employees are properly trained on security issues. According to Huntress' report, several midsize companies know multiple cybersecurity layers are necessary. However, there are significant gaps in the tools and planning processes used by these businesses. 

Additionally, a full third of the respondents (34%) said they are unaware of advanced threats and do not believe they could detect them. 

According to Roger Koehler, CISO at Huntress, a substantial percentage of individuals are unaware that their identities have been targeted. For these organizations to remain protected, visibility is of the utmost importance. This is because malicious actors can spend weeks or even months sitting in their networks, gaining footholds, and gathering information to perform their attacks. 

According to the Huntress study, 14% of respondents in this business segment confirmed having experienced an attack within the last year. There was also 10% of IT professionals unsure whether there had been a cyberattack during the survey period. In the United States, there are about 6 million companies between the ages of 250 and 2000 that employ 250 to 2,000 people. Those numbers add up pretty quickly. 

Cyber Spending is Expected to Increase 

It was interesting to read that Huntress also found that 49% of organizations are planning to spend more money on cybersecurity in the upcoming year. This is to meet the staggering need for increased knowledge and preparedness in the cybersecurity arena. A proactive approach to cybersecurity on the part of such a large number of small and medium-sized businesses is encouraging, Koehler says, rather than simply reacting to attacks as they occur. As a result, the biggest challenge in spending that budget will be finding the right employees within the organization. 

"It seems that middle-sized businesses are not just waiting for an attack to occur and subsequently reacting to them, but are investing in preventative measures so that these attacks can be prevented before they ever take place," Koehler says. As well as having the right people on your team, midsize businesses could benefit from having the right people to deal with attacks.  It is estimated that there are 700,000 cybersecurity jobs available as of the end of last fall, which is an increase of 43% from the end of 2021. Finding cybersecurity professionals in high demand is becoming increasingly difficult with the increase in burnout and dissatisfaction among cyber professionals. 

Managed cybersecurity services will experience significant growth in the coming years, thanks to the combination of stronger budgets and a stronger market for talented cybersecurity professionals. An analysis by McKinsey published in October concluded that this is the case. Consultants for the company believe that managed security service providers will be able to capture the majority of market share, as well as security-and-operations management projects.

According to McKinsey's analysis, over the next two years, its forecasted shift of allocated security spending to internal compared to third-party services is expected to increase across all segments of the market. Whenever talent is an issue, companies will need to turn to outsourced services when it comes to achieving strong security results, as long as talent remains a challenge. 
Read more »
Subscribe to: Posts (Atom)