Unless you’re in IT (or a geek), nobody wants to talk about malware attacks. This is one of those times we have to though, because malware is at an all-time high.
Malware attacks are targeting small and medium-sized businesses more aggressively than ever, with nearly 50% of all malware attacks focused on SMBs.
Small businesses are disproportionately affected by cyberattacks due to factors like limited cybersecurity investments and smaller IT budgets. Despite less news coverage, small businesses suffer more from cyberattacks, potentially leading to closure due to the high recovery costs.
It’s important to understand so you know how to protect your business from these cyber threats.
So, what is malware anyway?
Malware is a shortened name for malicious software. It’s essentially software designed with malicious intent, to cause harm and exploit systems by hijacking core computing functions.
The term malware is an umbrella term that covers other sub-types of harmful software. You’re probably familiar with terms such as viruses, worms, trojan horses, spyware, and ransomware. Each type of malware acts differently but all share the common goal of damaging your digital data, and profiting from it.
What types of malware are out there?
Those are the general types of malware, but new information is showing what is prevalent now, and growing exponentially.
Why should you be concerned? Because it can put you out of business. I’m not trying to be hyperbolic or dramatic for “clickbait” type of attention. It really is a scary thing.
These are the main malware threats you should be aware of:
Data Theft
Data is the main goal here. Malware isn’t really designed just to mess with you like a bully does, it’s designed to steal your data. Because data is worth money.
You might be saying to yourself, but I’m just a nobody company. My data isn’t worth anything.
That’s a critical fallacy. Your digital data is very valuable to a lot of people. You, for one (which is why ransomware is so effective), your customers, your vendors, and loads of people on the dark web are willing to buy it. On a personal level, just think how much your social security number and mother’s maiden name would be valuable to a criminal. That’s exactly the same way your business data is valuable.
That is why data theft is a major threat, with malware such as spyware and keyloggers making up a large portion of attacks. 90% of all cyberattacks reported involved data or credential theft. Over 75% of these attacks targeted small businesses. Other tactics such as phishing, SEO poisoning, and exploiting unpatched software were other ways criminals gained access to business systems.
Ransomware
The big R. This is the one you hear in the news all the time, especially in regard to giant corporations, health organizations, governments, etc…
Small businesses don’t make the news because they are small names and won’t get clicks. Ransomware is a huge threat to small businesses and continues to be one of the dominant threats with significant consequences, increasing 62% last year. The LockBit ransomware, for instance, was particularly prevalent in 2023.
Ransomware attacks often exploit vulnerabilities in network-connected devices and software to gain access. Other times It’s the follow up once credentials are gained in social engineered attack like phishing.
At the end of the day though, your data gets locked up, your systems are frozen, and there is literally no way to get it back. Paying the ransom doesn’t guarantee you get it back, nor does it guarantee that you won’t get hit with ransom again (look at the recent United Healthcare double ransom from February and again in April), nor does it guarantee that your data won’t be sold on the dark web anyways. Once they have your data, the toothpaste is out of the tube. There’s nothing you can do to get it back in.
Cybercrime as a Service
You know how everything is a service these days? Netflix gives you TV as a service, Spotify is music as a service, and even at Xentric we offer IT solutions as a service.
Well, cybercrime is also offered as a service as well. Kind of mind boggling, right? Known as Cybercrime as a Service (CaaS) or Malware as a Service (MaaS), criminals subscribe to established malware frameworks to deliver their attacks. These tools are huge and very prevalent in malware use today, and their use is growing. A frequently used one is called AgentTesla.
Zero-Day Exploits
Do you know how antivirus works? It basically looks at the malware and compares it to a giant library of every known malware ever reported to see if it matches. That’s good, but it isn’t sufficient these days, and honestly, most antivirus will miss most threats. Why?
Imagine if you had something new that nobody knew existed. It would go undetected by every single antivirus out there. That’s why an unknown threat is so effective and devastating.
This isn’t only about viruses though. Weaknesses in software and devices can be exploited as well. These vulnerabilities are not known to be a weakness and an attack point until somebody attacks them. When that happens, it’s called a Zero-Day Exploit. Everything that follows is reactionary. That’s why Zero-Day attacks were very prevalent in the past year.
Social Engineering
I mentioned that ransomware can be a follow up attack after social engineering. Social Engineering refers to the tactic of bypassing security with social trust. When you look at a sophisticated phishing email, it’s difficult to tell that it is not legitimate. It uses every social cue to pose as an existing trusted person or company, tricking the recipient into trusting the criminal.
It’s been getting increasingly more advanced with AI and machine learning delivering better communication without typical language flaws like misspellings and discovering what types of language do not get flagged by security defenses.
Security Recommendations to Protect Your Business
There are more threats to go on about, but these key types are what you should be aware of. More importantly, instead of reading a novel-long article about threats, let’s talk about what you can (and should) do to protect yourself from them.
An ounce of prevention is worth a pound of cure.
Don’t be the guy that makes a decision to do something when it’s too late. Do it now. These solutions are preventative in nature and do no good after you already have a breach.
Educate Your Team
You’re reading this, which means you have at least a little concern about cybersecurity for your business. Your employees probably don’t though.
The problem is that your employees are your front line. They process everything to get things done for your business. They get zillions of emails daily, and with it all the threats.
Do they know about the malware attacks I just listed out? Can they spot a phishing email? Would they click a suspicious link? Teaching your team to stay vigilant is critical to successful security. The best security in the world can be offset by an employee who opens the doors with a single click.
You should talk to them about threats and how to handle them in your business. If you want to go the extra mile, you can get them training to educate them. Training should be ongoing to keep things fresh and relevant (lest they forget) and gamified to make it entertaining so they don’t cringe at a horrible training that they don’t want to do.
Secure Your Accounts
Want the simplest and cheapest way to boost your security? Use a password manager and MFA.
Password Managers are software that can store your credentials for you, and enter them with a click. No, don’t use the one in your browser. Those are horrendously insecure. There are plenty of password managers to choose from, ask me for any recommendations if you need help. The benefit of the password manager is that it promotes unique, impossible to guess passwords for every single account.
Then implement MFA (Multi-Factor Authentication). This simple measure increases the security of your accounts significantly. It’s better to use an authenticator code rather than an email or text message method, since those can be compromised easily. Guess what? Your password manager can handle this for you too. It can store the secondary authentication codes needed for MFA.
Secure Your Devices
Your devices should have security. As I said, antivirus isn’t enough these days. Yes, you should have it as part of your total security platform, but better protection is required. Protection that looks not just at files, but how files behave. That way it can recognize threats by how they are acting and stop them in their tracks. That is what modern, advanced protection looks like.
Strengthen Your Network
Just like your devices, your network needs to be secured. You should have a firewall as security to the perimeter of your network, along with data encryption, proactive threat monitoring, and email security.
Back Up Your Data
Consistently making a backup of your data is a long known good practice. You’re doing that? Good, but it’s not enough. Did you know that the majority of backups are at least partially unrecoverable? A large percentage is not recoverable at all. Making a backup is no good if you can’t recover it.
Backups should be made to secure, offsite locations. They should also be tested for viability so you know you can recover them. You should also make full image backups, so you can access your data quickly in case recovery is needed. It’s not just the concept of being able to recover your data, but also the business continuity plan so you can function until fully recovered.
It’s a lot to process, but remember, being informed is your best defense. These lists of threats and solutions are not meant to be exhaustive either, so if you want to know more then follow along as we constantly post updates.
We specialize in helping our clients manage these risks, so they can focus on what they do best. If you think we can assist you, let’s connect.