Almost Half Of Cyber-Attacks Are Directed At SMEs

Cyberattacks on big companies often make headlines, but some 43% of all cyberattacks actually target SMEs, according to data compiled by SCORE

Macro malware is the most impactful form of cybercrime affecting SMEs currently, according to a  press release announcing the findings.

In 2017 alone, SMEs in the US faced 113,000 incidents of macro malware, the release said. Macro malware is often found in malicious email attachments, appearing as a word processing document or similarly familiar type of file.

Of the 269 billion emails sent and received last year, 39% were spam, the release said. Small business owners and security pros can protect themselves from these macro malware attacks in two specific ways. 

  • The first, which is obvious, is to avoid downloading attachments from unknown senders. 
  • Secondly, though, one can disable macros in Microsoft applications as a further form of protection.

Online banking attacks were also prevalent among SMEs last year. These attacks often use malware to steal account credentials or credit card data. To protect themselves, SME owners should directly type in the bank's website address and double check it before visiting, while also enabling multi-step authentication on their online banking account.

Ransomware is also still alive and well. In 2017, SMEs were affected by 54,000 ransomware incidents, the release said. Ransomware is a form of malware that, once downloaded, encrypts a victim's files until a monetary ransom is paid, often in cryptocurrency. However, many experts recommend not paying the ransom, as only  19% of victims who pay actually get their data unlocked.

The ransom cost, on average, is relatively low, the release said, at $1,077. However, when the opportunity and recovery costs are factored in, that amount jumps to $133,000, the release noted, which could be unsustainable for many SMEs.

To stay safe, SMEs can "protect themselves by ignoring suspicious emails with urgent requests for personal information, avoiding opening emails from unknown contacts, and regularly updating software to patch vulnerabilities," the release said.

TechRepublic:

You Might Also Read:

Five Key Ways to Protect Your Company Against Cyber Attacks

« New iPhone Bug Gives Anyone Access To Your Photos
New Partnership To Combine Cyber AI And Forensics »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ON-DEMAND WEBINAR: Navigating cloud security: The importance of posture management tools

ON-DEMAND WEBINAR: Navigating cloud security: The importance of posture management tools

Watch this webinar to see how cloud security posture management (CSPM) tools can fit into your cloud security strategy.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Qualys

Qualys

Qualys is a pioneer and leading provider of cloud security and compliance solutions.

Mastercard

Mastercard

MasterCard is a leading global payments solutions company that serves consumers and businesses in over 210 countries and territories worldwide.

vdiscovery

vdiscovery

vdiscovery is a provider of proprietary and best-in-breed solutions in computer forensics, document review, and electronic discovery.

Fingerprint Cards

Fingerprint Cards

Fingerprint Cards develops and produces biometric components and technologies that verify a person’s identity through the analysis and matching of an individual’s unique fingerprint.

ESL Bangladesh

ESL Bangladesh

ESL is the Largest IT Infrastructure & Telecom Service Provider in Bangladesh.

LUCY Security

LUCY Security

LUCY is the answer when you want to increase your IT security, maintain your cyber security awareness, or test your IT defenses.

Farsight Security

Farsight Security

Farsight Security provides the world’s largest real-time actionable threat intelligence on how the Internet is changing.

Global Cybersecurity Forum (GCF)

Global Cybersecurity Forum (GCF)

Global Cybersecurity Forum is a catalyst platform designed to create a more resilient and better cyberworld for all.

Randstad

Randstad

Randstad provide outsourcing, staffing, consulting and workforce solutions in the USA across a wide range of job sectors including IT and cybersecurity.

Lexsynergy

Lexsynergy

Lexsynergy is a global domain name management and online brand protection company.

Telstra

Telstra

Telstra is one of the world's leading telecommunications and technology companies, offering a wider range of services from networks and cloud solutions to mobility and enterprise collaboration tools.

Digital Security by Design (DSbD)

Digital Security by Design (DSbD)

Digital Security by Design is an initiative supported by the UK government to transform digital technology and create a more resilient, and secure foundation for a safer future.

DIGISOC

DIGISOC

DIGISOC, a leader in Latin America in Cybersecurity solutions, combines machine learning with human intelligence to be effective in detecting cyber threats.

ZoobeTek

ZoobeTek

ZoobeTek are a company focused on preventing leaks related to the security of business information3.

Vernetzen

Vernetzen

Vernetzen is an industrial network and cybersecurity innovator focused on delivering practical solutions to connect and secure industry across the globe.

QPoint Technologies

QPoint Technologies

QPoint provides solutions and consulting in areas including software engineering, testing, cybersecurity, ICT, web, mobile, project management, and complex integration processes.