 |
| Kaspersky: 5 threats companies may face in 2023 |
Kaspersky experts analyzed potential vulnerabilities in small and medium-sized businesses and identified some of the most serious digital threats that companies can face in 2023 and which executives should be aware of. Especially since according to statistics, 60% of small and medium businesses will suffer from a digital attack in 2022.
Organizations can lose valuable confidential information, financial resources, and market share to digital attacks when criminals try multiple ways to achieve their goals.
Organizations consider digital security incidents to be one of their most persistent crises. The SME sector is one of the largest contributors to the global economy as stated by the World Trade Organization, and the sector represents more than 90% of all companies worldwide.
Employee data breach
Business data can be compromised in many ways, and in some cases it can be unintentional. During the pandemic, many remote workers use company computers for entertainment, for example b. Playing video games online, watching movies, or using online learning platforms, which is always a threat that can cost companies dearly. While the share of employees who had not tried working remotely before 2020 was around 46%, now two-thirds say they will not return to work from the office, while the remainder say they work fewer hours per week. The remote work model is not going away.
With the increase in levels of digital security in the post-pandemic phase and the adoption of remote work models in organizations, computers used in companies for entertainment purposes remain one of the primary methods of initial access to corporate networks.
When users search for alternative sources to download episodes of new TV shows or new movies, they encounter different types of malware including Trojans, spyware, backdoors, and adware.
According to Kaspersky statistics, 35% of users who have been exposed to threats disguised as streaming platforms have been infected by a Trojan. If a Trojan horse penetrates a company's computer, it can penetrate the company's network and steal secrets and information about the company's development. Sensitive information such as employee personal data. data.
On the flip side, people are more likely to blame former employees for a potential data breach, as in a recent Kaspersky survey, only half of company leaders surveyed are concerned that former employees may no longer have access to company data. stored. in the clouds. Services satisfied or not. You can use a business account.
Although former employees may not remember accessing certain resources, routine organizational checks may reveal that unauthorized individuals who access company resources have access, potentially exposing the company to fines.
DDoS attack
Attacks on distributed networks are often referred to as Distributed Denial of Service (DDoS) attacks. This type of attack exploits the volume applied to any network resource, for example b- the infrastructure of a company's website. In a DDoS attack, multiple requests are sent to an attacked web resource in order to overwhelm the website's capacity and ability to handle multiple requests, preventing it from working properly.
Attackers choose different sources to target organizations such as banks, media, and retail companies, all of which are highly affected by DDoS attacks. Recently, cybercriminals targeted German grocery delivery service Takeaway.com (lieferando.de) and demanded two bitcoins (about $11,000) to stop the massive flow of data on the service's website. DDoS attacks on online retailers also tend to increase during the holiday season when shopping activity is high.
The trend towards attacks on gambling companies is becoming increasingly evident. Blizzard games: (Call of Duty), (World of Warcraft), (Overwatch), (Hearthstone) and (Diablo: Immortal) were also targeted by DDoS attacks.
However, many DDoS attacks go unreported because compensation companies pay to prevent attacks are often quite modest.
Suppliers
A supply chain attack usually means that a service or software used by a business has become malware. These attacks come through the company's vendors or suppliers, such as b- financial institutions, logistics partners, or even food delivery services. Such operations can vary in complexity or destructiveness.
For example, attackers used ExPetr malware, also known as NotPetya, to breach M.E.Doc's automatic update system and force it to ship this ransomware to all of its customers, causing millions of dollars in damages to businesses large and small.
Other examples include CCleaner, one of the most popular system registry cleaners, widely used by home users and system administrators. At some point, the attacker broke into the developer's build environment and moved several back-end builds. Within a month, the pirated version was distributed from the company's official website with 2.27 million downloads and more than 1.65 million copies sold. The malware attempts to connect to the criminal's server.
Attention is also drawn to the DiceyF incident, which took place in Southeast Asia and targeted an online casino operator and customer support platform in the style of (The Ocean 11).
malware
If someone downloads files from unofficial sources, they should ensure that these files do not cause any harm. Encrypted tools that track company data, funds, and even owners' personal information have become a major threat. Notably, more than a quarter of SMEs choose to cut costs by using pirated or unlicensed software that may contain malicious or unwanted files that exploit the company's computers and networks.
In addition, business owners should pay attention to access proxies because these aggregation layers will harm SMEs in various ways in 2023. Illegal proxies or access agents include: encryption software, word theft, bank passwords, ransomware, profile thieves link, and other malware.
Many examples include Emotet, which steals bank account credentials and targets organizations around the world. DeathStalker is another organization that targets small and medium businesses in the legal, financial and travel fields. The main goal of the group is to steal confidential information related to litigation involving senior officials and important financial assets, information about competing companies and information about mergers and acquisitions.
Social development
Since the outbreak of the pandemic, many companies have moved much of their business online and learned to use new collaboration tools. The use of the Microsoft Office 365 package has increased dramatically, so it is not surprising that phishing attempts targeting user accounts of the package have increased. Scammers use various tricks to trick business users into entering their passwords on a website that looks like the Microsoft login page.
Kaspersky has unveiled several new ways phishing scammers try to trick business owners, some of which are so sophisticated that they pretend to be fake personal loan or delivery websites, or send emails with fake accounting documents. Some attackers also disguise themselves as official online platforms to monetize their victims, such as popular money transfer services such as Wise Transfer.
Another danger identified by Kaspersky experts is links to sites that use Google Translate. The attackers used Google Translate to bypass digital security mechanisms, claiming that the attachment in the email was a payment document intended solely for the recipient to hold, for example, "presentations relating to contract meetings and late payments". The link leads to a website translated by Google Translate. However, this would trick the attacker into launching a fake website to steal money from the victim.
Cybercriminals will try to use all possible means to reach their victims, such as malware, phishing websites, emails, corporate network hacking, or even massive DDoS attacks. However, a recent Kaspersky survey found that only 41% of SMBs have a crisis prevention plan in place, which makes focusing on digital security and understanding the challenges associated with managing technology security incidents a good way to anticipate organizations leading the way with proven precautions.
Kaspersky recommends that companies take the following steps to protect against digital attacks:
- enforce a strong password policy; It requires a default password of at least eight characters, including at least one number, one uppercase letter, one lowercase letter, and one special character, and change your password if you believe it has been cracked or compromised. This approach is easy to implement with a security solution that includes comprehensive password management tools.
- Don't ignore updates from software and hardware vendors, as they often include fixes for security holes, as well as new features and user interface improvements.
- Raise security awareness among employees by encouraging them to learn about current threats, how to protect their personal and professional lives, and to attend free on-site training sessions. Working with third parties to organize a comprehensive and effective employee training program is a great way to save IT time and effort and ensure successful results.