No longer just the big names that are getting singled out
SMBs are increasingly the victims of cyber criminals, but with stretched budgets they are struggling to keep their business secure, says Kaspersky Lab.
The number of cyber attacks have increased over the past couple of years, though the most visible incidents are always the most high profile enterprises.
This increase in attacks is contributing to the real and current risk that faces SMBs, the antivirus vendor says, as criminals begin to target their attacks at specific businesses.
“For about ten years we have faced cyber crime – malicious code for profit,” David Emm, Senior Security Researcher said at a Kaspersky Lab roundtable discussion today. “In general that has been attacks that are random and speculative in nature.”
There has however been an increase in the number of attacks aimed at specific businesses, he says, and in many cases smaller ones which are not as prepared to protect against attacks.
“Over the past two years we have seen as increase in targeted attacks,” he said. “This is when cyber criminals know exactly who they want to go for, they gather their intelligence and frame their code and go after specific information – or they want to disrupt that business.”
SMBs are not immune to this threat he says, though they often fall into a false sense of security as the majority of visible cases are big name firms, such as LinkedIn.
“There is no organisation that is immune,” he says. “It can be very large organisations, or it can be very small organisations.”
Emm’s comment echo MI5 boss Jonathan Evan’s comments earlier this week, about “astonishing” level of threat from cyber attack on UK businesses. He referred to one business which lost over £800 million due to espionage.
But cyber criminals are not only looking to land rewards of this size – increasingly it is those businesses with smaller budgets, and hence reduced ability to withstand newer, more targeted attacks.
Part of this is due to the increasingly mobile workforce adding to the plethora of threats that face business security, with enthusiasm to use a wider range of devices in the workplace that are susceptible to being compromised.
“The complexities are increasing really astronomically, and the resources are not – the resources are finite – and in some cases they are contracting,” said Peter Beardsmore, Senior Director of Products and Services at Kaspersky.
“In terms of what they have to face in their day to day life is a constantly increasing magnitude of things that they need to see and control and protect,” he says.
“The reality is that SMBs are an equal target.”