Understanding the nature of the threat is the first step towards organisations prioritising actions to increase protection in today’s threat landscape
What is the most dangerous trait of a cyberattack?
Some use complex social manipulation to spear phish individuals. Others deploy weaponised artificial intelligence (AI) and sophisticated malware programmes to gain access and create chaos. In my experience, however, the most dangerous aspect of many attacks is their relentlessness.
According to the UAE government head of cybersecurity, Dr Mohamed Al Kuwaiti, the country prevents around 50,000 attacks each day. According to a new industry report, a growing proportion of these will be novel malware – new threats, or new variations of known ones. This indicates the diversification and intensification of attacks by malicious actors, who are working harder than ever to penetrate lucrative targets.
Increasingly, their sights are set on small and midsized businesses (SMBs), which may be more likely to pay ransoms to resume operations and minimise losses, or may have invested less in comprehensive cybersecurity protection.
With the UAE’s Digital Economy Strategy in effect and working to double the digital economy’s contribution to the country’s Gross Domestic Product (GDP) by 2032, protecting every business that is growing its online presence and reliance is an urgent priority.
For large businesses, injecting funding into their cyber defences can be an effective solution, adding comprehensive security software, and specialist skills and resources to bolster the Security Operations Centre (SOC). For smaller businesses, the answer is not as straightforward – and the consequences can be extreme. According to one industry study, the UAE suffered losses exceeding $32 million due to cyberattacks and data breaches between 2018 and 2022. Understanding the nature of the threat is the first step towards organisations prioritising actions to increase protection in today’s threat landscape.
Why underestimating the smaller details is creating the bigger problems
The news cycle is littered with sophisticated cyberattacks from across the world. Seeing this, small businesses may anticipate highly technical attacks on their infrastructure. However, this is rarely the case.
Cybercriminals are relying on older techniques to target smaller businesses with high-volume, scattergun outreach. Whilst this may be surprising, it is proving to be incredibly effective.
The most common attacks are the simplest ones. Older techniques for infiltrating internal organisational teams, such as phishing, social engineering and so-called “watering hole” attacks, have been popularised by the proliferation of unsecured channels used for work purposes. These include digital channels such as SMS, mobile phone apps like WhatsApp, and collaboration apps such as Slack.
Even the messiest threat actors are succeeding, despite lacking the flair of big ransomware groups. In multiple incidents, threat actors left behind playbook text files containing IP addresses and more. Despite being less technically advanced, cybercriminals were able to get past organisations’ barriers because small businesses continue to use older technologies and infrastructure for protection. SMBs will remain prime and easy targets, even for the simplest of attacks, if they fail to upgrade and boost their security. Last year was a testament to this, with an overabundance of attacks on SMB targets. So how can we guard against this?
People, processes, technology: How businesses can build effective protection
Before even thinking about the right cybersecurity solution, many SMB leaders will be thinking about how much employing a whole team will cost. Luckily, it’s possible to outsource help and secure a level of protection that few organisations can otherwise afford on their own.
There are three elements that small businesses should consider:
1. People. Many SMBs around the world are seeing a digital skills gap, meaning teams are either thinly stretched or non-existent. To avoid the struggle of finding excess staff, businesses can engage a Managed Security Service Provider (MSSP) as a cost-effective solution at the right scale.
2. Processes. No outsourced services or sophisticated technologies can prevent human error, but it’s possible to reduce it by fostering positive security attitudes and cultures. A Zero Trust security model reinforces processes with technology, by assuming every user, endpoint, and network is potentially hostile.
3. Solutions. Many SMBs fear that they don’t have the visibility or power to stop cyber threats. By collecting and analysing data from multiple sources, Extended Detection and Response (XDR) gives businesses a complete view of all potential network and endpoint vulnerabilities, so that enterprise security personnel can more effectively prevent cyber threats.
Given the existing threat landscape, visibility across the entire security function is a necessity. Furthermore, there is a wealth of solutions available to enable SMBs to be proactive in building the right defence strategy. A future in which SMBs are confident to use the tools and resources around them will see far more of them not just survive but actively shield themselves against the growing ingenuity and volume of potential cyberattacks for many years to come.
Hans-Peter Bauer is senior vice-president EMEA, BlackBerry