Cybersecurity Awareness Month: SMB Cyber Security Urgency is Real

For small and medium businesses (SMBs), digital transformation has brought a plethora of benefits as technology begins to add optimizations and ease to many of their daily processes. Unfortunately, the new digital age has also put a big, bright target on the backs of SMBs in all industries, as they've become victims of the new wave of cybercriminals. By leveraging innovative technology, cybercriminals have risen in terms of speed, volume, and, most dangerously, sophistication.

SMBs are common targets, as they are especially vulnerable due to their lack of awareness, knowledge, and resources, which can leave them feeling overwhelmed and alone against a looming threat landscape.

Currently, 43 percent of cyberattacks target SMBs, with 60 percent of SMBs reporting that the attacks are becoming more targeted, sophisticated, and more harmful. The average cost of attacks has increased to $3 million, with half of that cost due to downtime alone, as 40 percent of SMBs experience a minimum of eight hours of downtime post-attack.

For SMBs, the growth in scale and complexity of cyberattacks has proven extremely detrimental and, in some cases, fatal. What makes cyberattacks difficult for SMBs is the sheer variety of attacks cybercriminals leverage today. From barrages of brute-force style direct assaults (such as DDoS attacks on networks and algorithm-fueled password attacks) to sneakier attacks that aim to slip past system defenses and cause damage or steal sensitive information, there is both an increasing volume and variety of cyberattacks poised to breach an MSP’s clients' digital infrastructure.

"While there are many ways a cybercriminal might attack an SMB today, the most common among them that enterprises must be on the lookout for are phishing, BEC/EAC (email account compromise), and distributed denial of service (DDOS) attacks," said Scott Chasin, CTO of Pax8. "These types of attacks are growing in diversity, sophistication, and persistence, and our cybersecurity experts are constantly scouring the market to find the best defenses for cloud-based applications."

Phishing attacks involve sending fraudulent communications that appear to come from a reputable source and are usually performed through email, with the use of text messaging for phishing rising rapidly. Phishing is a costly trap, with the cost of lost productivity ballooning from $1.8 million in 2015 to $3.2 million per company on average in 2021 and companies falling victim daily.

"Phishing is commonly used by cybercriminals, as it's an attack that exploits an organization's last line of cyber-defense, the employees," Chasin explained. "The attack starts with a fraudulent email or other communication designed to lure a victim, with a message that is made to look as though it comes from a trusted sender. If it fools the victim, he or she is coaxed into providing confidential information, often on a scam website, or sometimes malware is also downloaded onto the target's computer."

Business email compromise (BEC)—also known as email account compromise (EAC)—is one of the most financially damaging online crimes. It exploits the fact that so many of us rely on email to conduct business. The attack is quickly becoming a large and growing problem that targets organizations of all sizes across every industry around the world. Similarly, EAC is a related threat that is accelerating in an era of cloud-based infrastructure. It is often associated with BEC because compromised accounts are used in a growing number of BEC-like scams.

"These types of attacks are difficult to detect and prevent, especially with legacy tools, point products, and native cloud platform defenses, and can range dramatically in price," Chasin said.

According to research conducted by Forbes Advisor, BEC/EAC breaches were found to be the most expensive, totaling $7.5 billion in damages from 2017-2021, more than three times the next most expensive breach.

A distributed denial-of-service (DDoS) attack is a malicious attempt to disrupt the normal traffic of a targeted server, service, or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic. DDoS attacks use multiple compromised computer systems as sources of attack traffic. Exploited machines can include computers and other networked resources such as IoT devices.

DDoS attacks have been steadily increasing in frequency over the past few years. According to a report from Cloudflare, ransom DDoS attacks increased by almost a third between 2020 and 2021 and jumped by 75 percent in Q4 2021 compared to the previous three months. The costs associated with these attacks are mounting, as well.

"With more and more computing, storage, and real-time applications moving to the cloud, organizations benefit from cloud experts who understand the differences between securing traditional infrastructure and Infrastructure as a Service," Chasin said. "We serve tens of thousands of MSPs around the world, which in turn support hundreds of thousands of SMBs, so we take cybersecurity very seriously, and based on our analytics, demand for security bundled with the cloud is growing rapidly."

A Corero survey found that DDoS attacks can cost enterprise organizations $50,000 in lost revenue from downtime and mitigation costs. Nearly 70 percent of surveyed organizations experience 20-50 DDoS attacks per month. Although most DDoS attacks don't succeed, even a few successful attacks can result in hundreds of thousands of dollars in lost revenue per month.

"While there are a variety of ways a cybercriminal may attack an SMB nowadays, the same goes for the defending team," Chasin said. "Digital transformation has helped bring forth new cybersecurity solutions to help SMBs thwart all forms of cyberattacks. Among the new cybersecurity applications, the most used are zero-trust, multi-factor authentication (MFA), and multi-layered, which incorporates an array of different cybersecurity methods."

Zero Trust is a security framework requiring all users, whether in or outside the organization's network, to be authenticated, authorized, and continuously validated for security configuration and posture before being granted or keeping access to applications and data.

Zero Trust assumes that there is no traditional network edge; networks can be local, in the cloud, or a combination or hybrid with resources anywhere, as well as workers in any location. This is a significant departure from traditional network security, which followed the "trust but verify" method, but the old model became obsolete with the cloud migration of business transformation initiatives.

The global zero trust security market size was valued at $19.8 billion in 2020 and is expected to register a compound annual growth rate (CAGR) of 15.2 percent from 2021 to 2028. The rapid growth can be attributed to the benefits zero-trust can offer when defending against a variety of cyberattacks.

Passwords are the key to accessing business data, but passwords alone are becoming an increasingly simple lock for hackers to pick. In addition to implementing strong password policies, passwords should be reinforced with extra layers of security, such as multi-factor authentication.

MFA is the best defense to reinforce passwords and strengthen access security. MFA safeguards access to apps and data by requiring a second form of authentication in addition to a password, such as time-based codes sent via text, email, or app, fingerprints, or answers to personal security questions.

Today,  90 percent of employee passwords can be cracked in six hours or less. In fact, Microsoft reported that 99 percent of account hacks are blocked thanks to MFA, making it and essential tool for MSPs today. However, it's also important to balance security with productivity — otherwise, users can experience "password fatigue" due to the effort of maintaining unique passwords for every account or become frustrated by completing MFA every time they want to sign in.

"While zero-trust and MFA can be leveraged as adequate cybersecurity solutions are their own, they can also be part of a multi-layered approach to security," Chasin said. "To defend against an increased rate and range of attacks, businesses need to take a multi-layered defensive approach that overlaps safeguards, limited access points, end-user training, and perimeter defenses. Modern companies need to become digital fortresses, with multiple layers of proactive protection that serve to monitor, detect, alert, and prevent the onslaught of cyberattacks."

With SMBs feeling overwhelmed and under-prepared for the increasing volume and variety of cyberattacks, the ability to adopt and leverage a cybersecurity solution, or multiple ones, has become critical for SMBs who wish to remain competitive or merely survive in the digital era. By taking precautions, identifying gaps in their technology stacks, and deploying the proper security solutions of their choice, SMBs can rest assured knowing that they have what they need to combat today's advanced cyber threats.