When it comes to IT security, most small-to-medium businesses (SMBs) have a herd mentality. They know there are predators. They just assume that, given the size of the SMB, the odds are good that some company other than them will fall victim. What that thinking fails to account for is how efficient the predators are becoming at hunting.
A new report from Malwarebytes, a provider of malware removal tools, published this week makes plain the size and scope of the problem. The report finds that the amount of malware discovered within U.S. SMB organizations with fewer than 1,000 employees increased a startling 165 percent from the first quarter of 2016 to the same period in 2017. Even accounting for the fact that organizations might be getting better at discovering malware, that increase in volume suggests that either there are a lot more predators or they have become much more efficient at launching attacks. The truth is a little bit of both. Cybercriminals have developed an elaborate marketplace through which they sell and share exploits. That makes it simpler for cybercriminals with limited skills to employ malware. At the same time, cybercriminals are taking advantage of bots and adware to spread malware more broadly than ever.
The net effect of there being more predators is more attacks on smaller entities. In effect, small-time cybercriminals are using ransomware attacks to shake down SMBs because larger companies tend to have implemented tools that enable them to recover their data without necessarily having to pay a ransom to decrypt it. However, SMBs are also the soft underbelly of a supply chain that enables cybercriminals to attack larger entities. Most SMBs today are part of a larger business network that eventually connects back to multiple Fortune 1000 companies. The Malwarebytes report notes that there has been a 500 percent increase in attacks in ten states. Texas showed the highest total number of overall malware incidents detected by Malwarebytes, with one in every five threats detected. Other states with high concentrations include Maine, Arizona, and Alabama. The Malwarebytes report speculates that because there is a high concentration of industries involving aerospace, automotive, healthcare, technology, and oil and gas, cybercriminals are targeting attacks against SMBs that are part of a supply chain operating in these industries.
Many of the Fortune 1000 companies that are at the back end of these supply chains are already moving to elevate the level of IT security controls that they require SMB organizations to have in place. Failure to meet those requirements during an audit can result in termination of business relationships. As a result, either the cost of doing business for SMBs is increasing or they are diverting funds from other areas to improve their IT security posture. While it is clearly preferable to prevent as much malware as possible from getting past their defenses, a lot more of the IT security effort these days involves hunting for malware on the assumption it has already circumvented the network perimeter.
What SMBs need to do next is transform that herd mentality into a mutual defense strategy. By sharing information about cybersecurity attacks with one another, it becomes easier to fend off predators by working together to protect the herd. The members of the herd may not be able to kill a predator. But by collaborating with one another they can most certainly make sure that predator becomes too weak to hunt before eventually starving to death.
Mike Vizard has covered IT for more than 25 years, and has edited or contributed to a number of tech publications including InfoWorld, eWeek, CRN, Baseline, ComputerWorld, TMCNet, and Digital Review. He currently blogs for IT Business Edge and contributes to CIOinsight, The Channel Insider, Programmableweb and Slashdot. Mike also blogs about emerging cloud technology for Intronis MSP Solutions by Barracuda.