Small to medium businesses (SMBs) are falling prey to cyber attacks as hackers increasingly use point of sale (PoS) malware and sophisticated exploit kits to steal sensitive data, according to a report by security firm Trend Micro.
The report, titled Hazards Ahead: Current Vulnerabilities Prelude Impending Attacks, found that weak SMB security standards were heavily exploited in Q3 2015, and Trend Micro predicts that this pattern is likely to continue into the next year.
A lack of resources often results in SMBs sacrificing security, meaning they quickly become an easy target for hackers and online criminals.
“This quarter attackers went after as many vulnerable PoS devices as possible in hopes of hitting the jackpot,” said the Trend Micro report.
“They relied on tried and tested tactics like spamming as well as tools like macro malware, exploit kits and botnets. They must have done something right because the PoS malware detection volume grew 66 percent. SMBs, which had poorer protections in place compared with large enterprises, suffered most.
“The fact that SMBs are being hit can be explained by the adoption of better security technologies by bigger businesses. This makes SMBs with weaker security an easier and more tempting target.”
The report revealed that the notorious Angler exploit kit is still routinely used by cyber criminals to infiltrate computers. Indeed, using this kit to spread malvertising and links to compromised websites has managed to increase its effectiveness by up to 40 percent from the previous quarter.
“The [cyber crime] focus has moved to SMBs and the reason for that is that they typically don’t have the resources to put in mature security infrastructure,” Bharat Mistry, cyber security consultant at Trend Micro, told V3.
Mistry explained that SMBs need to understand exactly what is at risk and what data they need to protect.
“It’s not only a technology conversation. It’s also about people and processes. If you think about an SMB that’s running light on profit the last thing they are going to think about is security controls and counter measures,” he said.
“I know it’s a challenge getting personnel but they are going to have to look more towards managed security providers to help bridge some of the gaps they have in their infrastructure.”
Mistry noted that spam-based breaches and ransomware attacks are still the two most prominent threats against businesses of all sizes, but SMBs specifically can now be exploited as part of ‘island hopping’ campaigns.
“Cyber criminals could target an SMB for an easy point of presence and if that organisation deals with a larger enterprise, even if it’s two steps down the chain, they could get an entry point into one place and eventually to a final target. I think that’s what we are going to see more and more of,” he said.
SMBs need to ensure that staff are provided with basic cyber security training to increase awareness of these threats.
“Make sure you do user awareness and education training about being safe online. You would be amazed the numbers of attacks you can prevent just by doing that alone. It’s astonishing,” he noted.
Hackers and the cyber underground
Meanwhile, the motivations of cyber criminals are evolving. In the past, money was the main incentive for carrying out cyber attacks, but the actions of hackers are becoming increasingly unpredictable.
“We see cryptoware attacks when hackers encrypt whole parts of a hard drive. But now what they are going to do is land malware onto a machine and only encrypt small parts that data, the stuff that’s really important to you,” Mistry told V3.
Most recently, the breach at Ashley Madison showed how future attacks could play out as hackers post personal data online in bulk.
“It’s going to be full-on extortion. The damage being done now is against an individual and it’s about divulging personal and private information you would never want out there publicly on the net. What you will see are third parties that then will jump on the back of that,” he said.
Recently, the UK government took a strong position against cyber crime after chancellor George Osborne pledged £1.9bn a year to fight cyber terrorism.
Furthermore, he revealed that GCHQ is currently monitoring cyber threats from “high end adversaries” against 450 companies across industries such as defence, energy and finance.