Risk | Slideshows
8/21/2019 08:45 AM
Kelly Sheridan

7 Big Factors Putting Small Businesses At Risk

Small organizations still face a long list of security threats. These threats and vulnerabilities should be top of mind.
3 of 8

Island Hopping: Not as Fun as It Sounds
"Island hopping," a term that may evoke images of sunshine and beaches, refers to the attacker strategy of targeting large enterprises by going through the smaller firms that work with them. Because SMBs typically have weaker controls and more vulnerable systems, they give intruders an easier route into the bigger target's network. Once attackers compromise a small company, they can abuse the connectivity and trust it has with the larger partner and reach the data and processes the two organizations share.
"It's easier to gain access to SMBs because they are less likely to have protections in place," says John Bennett, senior vice president and general manager at LastPass. "They haven't invested as much in their security controls given the lack of resources."
Cyberattacks are a "risk vs. reward game" for criminals, he explains. The calculus depends on how much money an attacker is willing to invest in breaching a particular business: a larger, better-defended target costs criminals more to break into, whereas SMBs are "lower hanging fruit" and cheaper to infiltrate.
Island hopping is a common practice among both state actors and cybercriminals, Webroot's Anderson says. Once they have a foothold, they are in no hurry to give it up: so long as they can lie low, they explore the SMB's network and map its connections to other organizations' networks. "They're looking to live off the land and exist on that network for a long while," he adds.
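The checks below are an added example, not part of the Dark Reading slide or any vendor's product. They show how the enterprise side of a partner relationship can spot the behaviour the slide describes: a partner (SMB) account that holds legitimate access into the larger organization and starts reaching beyond the systems that relationship actually needs, or fans out across many hosts while "exploring the network". The log format, partner account names, host names and per-partner allow-list are all constructed assumptions for illustration.

```python
"""
Added example (not from the Dark Reading article): two small hunts for the
island-hopping pattern, run over constructed sample log lines.

  1. out_of_scope_access  - a partner account touched a host outside the
                            systems its contract covers.
  2. host_fan_out         - an account touched many distinct hosts in a short
                            window (network exploration from a foothold).

All names, hosts, IPs and the allow-list below are assumptions.
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Assumed allow-list: which hosts each partner account is contracted to reach.
# In a real environment this comes from the vendor access register or PAM
# tool, not a hard-coded dict.
PARTNER_SCOPE = {
    "vendor-acme": {"billing-api-01", "billing-api-02"},
    "vendor-logiq": {"wms-db-01"},
}

# Constructed sample log: "<timestamp> <user> <src_ip> <dst_host> <action>"
SAMPLE_LOG = """\
2019-08-20T09:01:10Z vendor-acme 203.0.113.10 billing-api-01 ssh-login
2019-08-20T09:05:42Z vendor-acme 203.0.113.10 billing-api-02 ssh-login
2019-08-20T09:07:03Z vendor-acme 203.0.113.10 hr-fileshare-01 smb-connect
2019-08-20T09:07:55Z vendor-acme 203.0.113.10 ad-dc-01 ldap-query
2019-08-20T11:30:00Z vendor-logiq 198.51.100.7 wms-db-01 sql-login
2019-08-21T02:14:21Z vendor-logiq 198.51.100.7 wms-db-01 sql-login
"""


def parse_line(line):
    """Parse one space-separated log line (assumed format) into a dict."""
    ts, user, src, dst, action = line.split()
    return {
        "ts": datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"),
        "user": user,
        "src": src,
        "dst": dst,
        "action": action,
    }


def out_of_scope_access(log_text, scope=PARTNER_SCOPE):
    """Return events where a partner account reached a host outside its scope.

    Accounts not in the allow-list are ignored: this check is only about the
    third-party access the enterprise has deliberately granted.
    """
    findings = []
    for line in log_text.splitlines():
        ev = parse_line(line)
        allowed = scope.get(ev["user"])
        if allowed is None:
            continue
        if ev["dst"] not in allowed:
            findings.append(ev)
    return findings


def host_fan_out(log_text, window=timedelta(minutes=10), threshold=3):
    """Flag accounts that touch at least `threshold` distinct hosts inside `window`.

    Useful when no allow-list exists for a partner: a sudden fan-out across
    hosts is the "explore the network" behaviour that follows a foothold.
    Returns {user: peak_distinct_hosts} for flagged accounts only.
    """
    by_user = defaultdict(list)
    for line in log_text.splitlines():
        ev = parse_line(line)
        by_user[ev["user"]].append(ev)

    flagged = {}
    for user, events in by_user.items():
        events.sort(key=lambda e: e["ts"])
        peak = 0
        for i, first in enumerate(events):
            # Distinct destinations within `window` of this event (sliding window).
            hosts = {e["dst"] for e in events[i:] if e["ts"] - first["ts"] <= window}
            peak = max(peak, len(hosts))
        if peak >= threshold:
            flagged[user] = peak
    return flagged


if __name__ == "__main__":
    for ev in out_of_scope_access(SAMPLE_LOG):
        print(f"OUT-OF-SCOPE {ev['ts']:%Y-%m-%d %H:%M} {ev['user']} -> {ev['dst']} ({ev['action']})")
    for user, n in host_fan_out(SAMPLE_LOG).items():
        print(f"FAN-OUT {user} touched {n} distinct hosts within 10 minutes")
```

On the constructed sample, vendor-acme stays inside its two billing hosts for a few minutes and then reaches an HR file share and a domain controller, which both checks surface; vendor-logiq only ever touches its one contracted database and is not flagged. The allow-list check is the stronger control because it is tied to what the partner is actually contracted to do; the fan-out check is a fallback for partners whose scope was never written down.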
(Image: Juan Carlos Munoz - stock.adobe.com)