About the Internet threat landscape, and why small businesses are the most vulnerable

1) Tell me a bit about the Internet threat landscape, and why small businesses are the most vulnerable?

The Internet threat landscape is pretty complex these days. We see more and more targeted attacks against large and small companies which happen via phishing, DDoS, exploits of known vulnerabilities and social engineering.

The small businesses are most vulnerable because they don’t have dedicated or specialized personnel to deal with these complex threats.

They also don’t have the financial power to cover all attack vectors.

This is actually the main difference between small and large business in regard to threats

2) What are some of the emerging trends and issues on Internet security threats that will impact SMEs?

The emerging threats are the exploiting of known vulnerabilities in various software products.

Vulnerabilities are being used these days to create zero-day attacks. This kind of attack is using a brand new vulnerability (this is why is called zeroday) and targets known customers of the affected software.

The advantage of a zero-day attack is that there is no fix for the vulnerability and no security product can protect against the exploit.

Such an attack happens on a very small scale, because only this way is possible to makes the exploit to remain undiscovered for as long as possible.

3) What are some of the risks that emerge from these trends and issues?

 The main risk is that the exploits are being used for a long time without anyone knowing it. Using a vulnerability, cybercriminals can send malicious software to the affected computers without anyone to notice it. Such malware can be used to steal confidential information, banking credentials and others.

For a small company such a damage can mean the bankruptcy.

4) Why has there been a shift of targeted attacks to those in the manufacturing sector and knowledge workers?

Cyber criminals are after money. So, they set their targets according to where the money resides. In this case, it is more beneficial for them to target this sector.

5) How are these threats taking place?

 Once a vulnerability is found, the cyber criminals are creating the software that exploits it.

Then they try to find known companies that make use of the vulnerable software. Depending on the vulnerable software, there are many ways to send this software to as many computers as possible, ideally targeting the companies that they know to use it.

Sometimes this is achieved using drive-by downloads, specially prepared websites and via emails carrying the exploit.

6) What are some of the things SMEs can do to protect their information?

 The most important thing for SMEs is to stop thinking that such a thing can’t happen to them.

 After this, they should perform a few standard steps to analyze the situation for them.

The greatest challenge for a SME is to find the right mix of protection that fits its needs.

For finding out what should they protect and how, there are a few steps to do:

– Analyze what their most important assets are and what would be the impact if someone gets access to them (known as risk analysis),

– How can someone get access to these assets (known as the attack surface)

– Identify and protect the ways to get access to the assets (known as the attack vectors).

 After these topics are clarified, there are ways to protect themselves.

Start with installing a security solutions on all computers, even on those not connected to the Internet.

Then protect the gateways or purchase a managed security service.

Also a patch management solution should be considered.

7) What measures do they have to put into place to ensure future safety? Any advice?

There are many things that can be done, and almost never enough time and funds to address all of them.

The minimum these days and in the future is to protect your internal network. There are plenty of security solutions that fit various types of companies.

 In my opinion, the biggest danger for SMEs is to lose the focus on their main business.

For example, if they start to over protect themselves, this can have dramatic consequences on their productivity and on the cash flow that keeps the company alive.

I suggest that they invest more at the beginning in doing the analysis of their situation.


© Copyright 2013 Sorin Mustaca, All rights Reserved. Written For: Sorin Mustaca on Cybersecurity

Check www.mustaca.com for the IT Consulting services I offer.
Visit www.itsecuritynews.info for latest security news in English
Besuchen Sie http://de.itsecuritynews.info für IT Sicherheits News auf Deutsch

About the Author

Sorin Mustaca

Sorin Mustaca, (ISC)2 CSSLP, CompTIA Security+ and Project+, is working since year 2000 in the IT Security industry and worked between 2003-2014 for Avira as Product Manager for the known products used by over 100 million users world-wide. Today he is an independent IT Security Consultant focusing on Cybersecurity, secure software development and security for IoT and Automotive. He is also running his personal blog Sorin Mustaca on Cybersecurity and is the author of the free eBook Improve your security .

Comments are closed.

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close