"Businesses that fail to implement basic security best practices will continue to be vulnerable."
5/4/2017
12:00 PM
Kelly Sheridan
Basic security practices could protect small- to midsized businesses from cybercriminals looking for low-risk, high-reward targets.
The greatest security threats aren't necessarily the most complex. Basic attacks pose the greatest risk to small- and midsized businesses (SMBs) as attackers realize they don't need advanced methods to exploit victims.
This is one of the findings in the 2016 Midmarket Threat Summary Report from the eSentire Security Operations Center (SOC), which detected nearly 5 million attacks across multiple industries. It found SMBs are often victims of cybercriminals seeking low-risk, high-reward targets.
"What we're seeing from the data, the majority of attacks are not sophisticated," says Viktors Engelbrehts, director of threat intelligence at eSentire. "They are really basic, and [attackers] are using basic tools as a means to achieve objectives."
The most frequent threat categories were intrusion attempts, information gathering, and policy violations, which collectively represented 63% of all observed attacks. Intrusions, primarily web attacks, marked the top threat category at nearly 30% of all events.
"It's the most logical entry point apart from users," says Engelbrehts of web intrusions, where attackers have recognized the benefit of a larger attack surface. "It's always easy because you have millions of web applications with poor security controls."
Cybercriminals don't need to use sophisticated malicious code attacks when methods like ransomware can successfully exploit "low-hanging fruit" and web applications are written without security in mind. Only 12% of detected attacks involved malicious code, indicating a growing preference for inexpensive and automated strategies.
Interestingly, this research discovered timing may also affect whether or not your organization is breached. "Seasonal correlation was a surprise," admits Engelbrehts. Attacks rose between March and April, fell in June and July, and picked up again in September and October.
While he could not give a definitive reason for this, Engelbrehts noted there are several factors that could affect timing of attacks. Announcements about a breach, or the prosecution or indictment of cyber attackers, could influence activity.
Rudimentary attacks are expected to remain a threat so long as these techniques are effective. The problem is, cybercriminals know where they're mostly likely to find success -- and their top targets don't know how to defend themselves.
"Unfortunately, security is not generally a strong side," says Engelbrehts of SMBs. "Traditional small businesses don't have resources, don't have personnel, don't have expertise."
Large corporations have been targeted, and many have been breached, for years and can afford the right security measures. Major banks may prove attractive targets but might also require attackers to procure a tremendous amount of resources to be successful.
Businesses that fail to implement basic security best practices will continue to be vulnerable.
Many organizations, driven by a combination of hype and fear, have tried to solve security problems by "checking boxes" in recent years, says Engelbrehts. This tactic provides temporary relief but doesn't work in the long term without a strong foundation.
At Mnemonix, we specialize in supporting IT for small and mid-sized businesses. Don't let the thought of a cyber breach keep you awake at night! Give us a call at 616-588-7740 to see how we can help you take control of your IT.
12:00 PM
Kelly Sheridan
Basic security practices could protect small- to midsized businesses from cybercriminals looking for low-risk, high-reward targets.
The greatest security threats aren't necessarily the most complex. Basic attacks pose the greatest risk to small- and midsized businesses (SMBs) as attackers realize they don't need advanced methods to exploit victims.
This is one of the findings in the 2016 Midmarket Threat Summary Report from the eSentire Security Operations Center (SOC), which detected nearly 5 million attacks across multiple industries. It found SMBs are often victims of cybercriminals seeking low-risk, high-reward targets.
"What we're seeing from the data, the majority of attacks are not sophisticated," says Viktors Engelbrehts, director of threat intelligence at eSentire. "They are really basic, and [attackers] are using basic tools as a means to achieve objectives."
The most frequent threat categories were intrusion attempts, information gathering, and policy violations, which collectively represented 63% of all observed attacks. Intrusions, primarily web attacks, marked the top threat category at nearly 30% of all events.
"It's the most logical entry point apart from users," says Engelbrehts of web intrusions, where attackers have recognized the benefit of a larger attack surface. "It's always easy because you have millions of web applications with poor security controls."
Cybercriminals don't need to use sophisticated malicious code attacks when methods like ransomware can successfully exploit "low-hanging fruit" and web applications are written without security in mind. Only 12% of detected attacks involved malicious code, indicating a growing preference for inexpensive and automated strategies.
Interestingly, this research discovered timing may also affect whether or not your organization is breached. "Seasonal correlation was a surprise," admits Engelbrehts. Attacks rose between March and April, fell in June and July, and picked up again in September and October.
While he could not give a definitive reason for this, Engelbrehts noted there are several factors that could affect timing of attacks. Announcements about a breach, or the prosecution or indictment of cyber attackers, could influence activity.
Rudimentary attacks are expected to remain a threat so long as these techniques are effective. The problem is, cybercriminals know where they're mostly likely to find success -- and their top targets don't know how to defend themselves.
"Unfortunately, security is not generally a strong side," says Engelbrehts of SMBs. "Traditional small businesses don't have resources, don't have personnel, don't have expertise."
Large corporations have been targeted, and many have been breached, for years and can afford the right security measures. Major banks may prove attractive targets but might also require attackers to procure a tremendous amount of resources to be successful.
Businesses that fail to implement basic security best practices will continue to be vulnerable.
Many organizations, driven by a combination of hype and fear, have tried to solve security problems by "checking boxes" in recent years, says Engelbrehts. This tactic provides temporary relief but doesn't work in the long term without a strong foundation.
At Mnemonix, we specialize in supporting IT for small and mid-sized businesses. Don't let the thought of a cyber breach keep you awake at night! Give us a call at 616-588-7740 to see how we can help you take control of your IT.