PROMOTED — The now cliché expression ‘it’s not a case of when but if you’re hit by a cyber-attack’ is still relevant for organisations of all sizes and in all industries. However, the way different businesses can handle the threat varies significantly.
Having the time and resources to effectively navigate the current threat and security landscape is not necessarily a luxury that small-to-medium (SMEs) enterprises have. After all, they have fewer resources – with fewer employees with the required information security skill set than their larger counterparts. This is compounded by the amount of effort these IT and IT security managers have to spend on numerous security priorities. They have to contend with securing devices, keeping up to date with laws and compliance issues and reading up on the latest threats, before actually procuring the right technologies for their businesses.
See also: The Growing Threat from Fileless Attacks
Their challenges are also becoming more complex, with the likes of ransomware attacks becoming more frequent.
“Cybercriminals have realised that targeting businesses is much more lucrative [than targeting consumers], so it’s no surprise that a third of ransomware attacks in 2019 affected organisations,” says David Emm, Senior Security Researcher, Global Research and Analysis Team, Kaspersky
Emm explains that these attacks seek to exploit any event or situation that can be used to trick people into responding to their phishing messages – including sporting events, natural disasters and busy shopping periods.
“Currently, COVID-19 not only offers a topic that everyone is interested in, but provides a pool of potential victims in the form of remote workers, many of whom are not always protected effectively,” he says.
But it’s not just links or attachments that can trigger a ransomware attack.
“Ransomware can work by exploiting vulnerabilities in software or through ‘drive-by downloads’ after compromising vulnerable web sites,” says Emm.
No longer ‘under the radar’
Organisations that once assumed they were ‘under the radar’ in terms of advanced threats, are finding out that things have changed. Cybercriminals tools – including those used to create ransomware attacks – are becoming incredibly cheap and accessible, meaning that anyone with a computer can now launch cyber-attacks, and aim them towards SMEs that may have never been targeted in the past.
According to a SANS Institute study, 53% of organisations endpoints have been compromised at some point. Ransomware can enter through the endpoint or can be triggered there, so one of the best ways for a business to protect its assets is to protect its endpoints.
Those inflicting these attacks know that SMEs may believe themselves to be ‘under the radar’, and that they are more likely to have a lack of resources, a lack of effective protection and more incidences of human error – as cyber security training is unlikely to be priority. It’s for all of these reasons that SMEs are a perfect victim for attackers.
How SMEs can change from being the perfect victims
There are a number of things SMEs can do to ensure they’re protected against ransomware attacks, despite having fewer resources. Effective endpoint protection, updates to operating systems and applications to close up the holes that cybercriminals seek to exploit as the first steps.
In addition, Emm urges businesses to backup data regularly and ensure that backup drives are stored offline – to prevent them from being encrypted too, in the event of a ransomware attack.
SMEs have to make sure there is a return on their investment; and therefore products which automate security tasks, are easier to deploy and control are key – as it will mean the organisation can continue to rely on limited security specialist expertise, but combine it with a professional vendor’s speciality.
The user is the single most vulnerable component of any organisation’s infrastructure – with human error an extremely common issue – so it is imperative that SMEs take a stronger stance on cyber security awareness training.
Ticking all of those boxes is complicated, but a highly automated integrated solution like Kaspersky Endpoint Security for Business can help organisations with ransomware, fileless attacks, malware and so much more.
See also: The Need for Improved EDR Amid the “New Normal” of Remote Working
In addition, systems hardening and human error mitigation is provided through granular controls – with users able to control applications, devices, and the web, as well as being able to automatically raise security to the highest level appropriate to everyone in the organisation. What’s more, as SMEs may be concerned about a lack of personnel, the Kaspersky Sandbox automatically detects and responds to threats designed to bypass endpoint protection, meaning that no human intervention is required.
When Kaspersky Endpoint Security for Business, Sandbox, and EDR Optimum are combined they become a fully integrated solution to protect you from the latest threats, zero days, as well as give enhanced visibility making incident response, root cause analysis, and digital forensics a significantly easier process.
As all of the components to the solution are built in-house from a single code-base and administrated through the same single console, utilising the same multi-purpose endpoint agent, day-to-day management is centralised, straightforward and efficient. Kaspersky also offers an automated learning management platform to raise cyber security awareness and educate staff.
Combining better controls and awareness with strong baseline endpoint protection, can help SMEs to tackle ransomware. If SMEs don’t take note now, then the case of ‘when’ is likely to come sooner.