Risk
9/14/2012
03:00 PM
Connect Directly
RSS
E-Mail
50%
50%

10 Cyber Threats Small Businesses Can't Ignore

SMBs must be serious about cybersecurity now that they're targets, too.

InformationWeek Green - Sept. 17, 2012
InformationWeek Green
Download the InformationWeek SMB September special issue on cybersecurity, distributed in an all-digital format as part of our Green Initiative
(Registration required.)

10 Cyber Threats You Can't Ignore

The email came from "Ivan" in Russia: "After a few minutes I'll start a DDoS attack on your site, and it will cease to work," the message said. "If you don't want to lose any profit, you pay me only $3,500."

Endless Wardrobe, the Australian online clothing retailer under attack, refused to pay. As threatened, the site was flooded with bogus information requests, overwhelmed, and down for a week. Endless Wardrobe worked with its hosting provider to blunt the attack, but the defenses erected by the provider also blocked many legitimate customers.

The retailer, with three full-time employees and three part-timers, lost customers and at least a few thousand dollars in business, says general manager Andrew Burman.

"Before the attack I had no idea we would be a target," Burman says. "I had heard about cyber attacks before but never thought it could happen to a small business. I thought they normally target large businesses, online gambling types, as they have the money to pay them off."

Most small and medium businesses don't believe online criminals will target them, and it's true that most never will be a victim of an extortion threat as Endless Wardrobe was. But they can't count on their smaller size keeping them out of harm's way. In 26,000 targeted attacks Symantec documented last year, half were on businesses with fewer than 2,500 employees and 18% on businesses with fewer than 250 employees. From denial-of-service attacks that take down websites to Trojans that empty bank accounts, there are a multitude of attacks that most SMBs don't know about and aren't prepared for.

It's not just the e-commerce giants like Amazon.com that are being attacked, but companies with a few hundred employees or less, says Matthew Prince, CEO of Web security firm CloudFlare. CloudFlare specializes in stopping attacks like the one on Endless Wardrobe, but it also became the target of a different type of attack in mid-May. Hackers gained access to the password-recovery mechanism for the 36-employee company's Google-hosted email, giving the criminals access to sensitive data about CloudFlare's systems and customers. The crooks' end goal: Use email access to gain control of customers accounts. The criminals nearly succeeded.

The attackers involved are "really good at taking over control of email," Prince says.

These attacks are part of the brave, new world of small business. The same technologies that let small businesses operate online efficiently and do more for less money also open them up to attacks.

Nearly 90% of small and midsize businesses bank online, making accounting and finance easier, but also opening their accounts to attack. And SMBs are increasingly letting employees bring their own mobile devices on to company networks. About 40% of managers worry about the risk that this practice creates for information security, according to the Sophos 2012 Network Security Survey of more than 570 global IT decision-makers.

"Small businesses are more prone to attack because they have less resources to maintain their defenses," says Gavin Struthers, senior VP of worldwide channel operations at security company McAfee. "Many of them are online and mobile-connected, and if they lose those benefits, then they lose their business."

With limited resources to deal with security, SMBs often ignore potential threats. The best defense is to be aware of the threats and create security policies to deal with them. Here are ways to defend against 10 of the most serious--but too often ignored--dangers.

To read the rest of the article,
Download the InformationWeek SMB September special issue on cybersecurity

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Candace
50%
50%
Candace,
User Rank: Apprentice
9/20/2012 | 8:32:04 PM
re: 10 Cyber Threats Small Businesses Can't Ignore
Another dimension to cybersecurity challenges facing SMBs is social spam. Social media and other online channels allow SMBs to engage customers, build business, and strengthen a brand. While increased user traffic should be good news for SMBs, the bad news is that spammers will follow wherever traffic goes and can wreak havoc on a company's good efforts with offensive comments, malicious links, or other abusive acts.

Fortunately, affordable security solutions for social spam are available. Real-time content protection is critical to defending one's brand online and efforts to reach consumers. This technology enables SMBs to employ the same defense systems as larger companies like Tumblr. For disclosure, my company - Impermium - provides social spam protection to Tumblr among other companies.
P.S.
50%
50%
P.S.,
User Rank: Apprentice
9/19/2012 | 1:28:41 PM
re: 10 Cyber Threats Small Businesses Can't Ignore
Tried using CloiudFlar but quickly found better alternatives. Their DDoS plan is way to expensive and they got so many downtime that it was simply embarrassing apologizing for them all. The author is right, SMBs must start thinking about online security but Cloudflare is a bad choice for a security provider.
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading, September 16, 2014
Malicious software is morphing to be more targeted, stealthy, and destructive. Are you prepared to stop it?
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-0993
Published: 2014-09-15
Buffer overflow in the Vcl.Graphics.TPicture.Bitmap implementation in the Visual Component Library (VCL) in Embarcadero Delphi XE6 20.0.15596.9843 and C++ Builder XE6 20.0.15596.9843 allows remote attackers to execute arbitrary code via a crafted BMP file.

CVE-2014-2375
Published: 2014-09-15
Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta 4.1.4392 and earlier allows remote attackers to read or write to arbitrary files, and obtain sensitive information or cause a denial of service (disk consumption), via the CSV export feature.

CVE-2014-2376
Published: 2014-09-15
SQL injection vulnerability in Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta 4.1.4392 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

CVE-2014-2377
Published: 2014-09-15
Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta 4.1.4392 and earlier allows remote attackers to discover full pathnames via an application tag.

CVE-2014-3077
Published: 2014-09-15
IBM SONAS and System Storage Storwize V7000 Unified (aka V7000U) 1.3.x and 1.4.x before 1.4.3.4 store the chkauth password in the audit log, which allows local users to obtain sensitive information by reading this log file.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
CISO Insider: An Interview with James Christiansen, Vice President, Information Risk Management, Office of the CISO, Accuvant