Small business owners often believe that their companies are not all that interesting as targets for cybercriminals. Indeed, on the one hand, there is less potential benefit for the cybercriminals from an attack on such organizations. On the other, small businesses have much smaller budgets for cybersecurity, and, as a rule, have no dedicated information security specialist at all. That greatly increases the chances of a successful attack. But these are all theoretical considerations. Let\u2019s take a closer look at five real reasons why a small company can become the victim of a cyberattack.<\/p>\n
Our experts recently investigated the shadow market for initial access to corporate infrastructure. According to the results of their study<\/a>, most of the ads posted on the darkweb offer access to small companies. In practice, this means that attackers won\u2019t waste time or resources on attack preparation \u2014 they\u2019ll simply purchase access from initial-access brokers, and use it to infect your computers with malware or steal confidential information.<\/p>\n Phishing emails and malicious attachments are not necessarily sent directly to employees of a company. Sometimes attackers collect email addresses related to some industry, and sometimes they simply send them to a broad list of recipients. One way or another, among the recipients of such emails may be employees of any company, including SMBs.<\/p>\n Financial malware is usually used to steal credentials from online banking services or payment systems. The size of a victim-company isn\u2019t so important for attackers \u2014 even the data of individual users is of interest to them. Furthermore, according to the Financial Cyberthreats in 2021<\/a> report, small businesses make up a large percentage of those victimized by cybercriminal groups like Zbot, SpyEye, CliptoShuffler and Emotet.<\/p>\n The WannaCry<\/a> epidemic occurred more than five years ago, but its legacy is still felt today: any vulnerability that experts call \u201cwormable\u201d (i.e., can be used for spreading malware over a local network), inevitably causes media hype. If malware has the functionality of a worm, then a single infected device (for example, a laptop that was infected at someone\u2019s home) can compromise the entire corporate network.<\/p>\nMalicious mailouts<\/h2>\n
Financial malware<\/h2>\n
Mass epidemics<\/h2>\n
Supply-chain attacks<\/h2>\n