Attacks including malware and cryptominers are targeting SMBs, and cybersecurity budgets can't keep up.
The majority of SMBs (57%) are seeing an increase in cyberattacks in 2018, according to a recent survey from Barkly. When asked about future attacks on SMBs, the same percentage predicted them to continue increasing.
SMBs are not only seeing more attacks, but two-thirds reported increased sophistication in those attacks, said the report. Criminals can easily access a variety of plug-and-play options that are pieced together to create complicated malware campaigns, according to the report. In fact, exploit builder kits, like ThreadKit and GandCrab, are regularly and immediately updated on the latest attack strategies, continued the report.
SEE: IT leader's guide to cyberattack recovery (Tech Pro Research)
In the past year, SMBs have seen the largest increase ever in a slew of different attacks, and not necessarily in the threat vectors people might expect. Here are the top five biggest attacks SMBs have faced in the past 12 months:
- Attacks abusing Microsoft Office programs
- Attacks installing cryptominers
- Ransomware attacks
- Attacks abusing other legitimate Windows apps
- Attacks utilizing worming/lateral movement components
With ransomware falling to third place, it appears not to be as prevalent of a threat. However, the report explained that even though those attacks aren't the most frequent, they are still one of the most dangerous.
Despite the significant increase in cyberattacks, only 36% of SMBs expect to see an increase in their security budget for 2019, according to the report. The lack of support and resources is troublesome, as IT pros will have to work with the tools they have to stay protected.
Even if a company is attacked, however, that doesn't necessarily mean they will allocate more resources towards cybersecurity efforts. Survey respondents indicated only 20% of successfully deployed cyberattacks result in any changes to security solutions or budgets in companies.
Check out this TechRepublic article for seven tips on how SMBs can improve their data security.
The big takeaways for tech leaders:
- With 57% of SMBs facing increased cyber attacks in 2018, criminals are on the hunt for vulnerable programs. — Barkly, 2018
- Attacks on Microsoft Office programs are the most seen attack vector this year, yet only 36% of SMBs expect to see an increase in cybersecurity budgets. — Barkly, 2018
- You've been breached: Eight steps to take within the next 48 hours (free PDF) (TechRepublic)
- Ransomware: Not dead, just getting a lot sneakier (ZDNet)
- Cheat sheet: How to become a cybersecurity pro (TechRepublic)
- Cross-site scripting attacks: A cheat sheet (TechRepublic)
- Business size not an issue in cyber crime (ZDNet)
- The average SMB website is attacked 44 times per day (TechRepublic)