How SMBs can lower their risk of cyberattacks and data breaches

How SMBs can lower their risk of cyberattacks and data breaches

January 30, 2024 at 11:28AM

The Akira ransomware group is targeting small to medium-sized businesses (SMBs), with ransom demands ranging from $200,000 to over $4 million. SMBs are attractive targets for cybercriminals due to their limited resources and as entry points to larger enterprises. The average cost to recover from a data breach for SMBs is nearly $150,000. To mitigate risks, businesses are advised to implement best practices for cybersecurity such as NIST’s cybersecurity framework, enforce robust password policies, use multi-factor authentication, block compromised passwords, perform regular Active Directory audits, and provide end-user awareness training. These measures can help reduce the risk of unauthorized access and improve the overall cybersecurity posture of SMBs.

After reviewing the meeting notes, it is clear that the Akira ransomware group is increasingly targeting small to medium-sized businesses (SMBs), with 80% of its victims falling within this category since March 2023. The group’s ransom demands range from $200,000 USD to over $4 million USD, posing a significant threat to the financial stability and operational continuity of SMBs. The exposure of names and data is used as leverage if organizations refuse to comply with the ransom demands. It is notable that most intrusions leverage compromise credentials to obtain initial access.

SMBs are particularly vulnerable to cyberattacks due to their limited IT resources and often inadequate security procedures, including employee cybersecurity training. Moreover, these businesses are targeted as potential entry points to larger enterprises. The impact of cyberattacks on SMBs can be severe, as shown by the average cost of recovering from a data breach, which is estimated at $4.45 million globally. For SMBs, the average cost of a data breach is nearly $150,000. Furthermore, breaches can lead to indirect costs such as undermining customer trust, damaging reputations, and potentially losing data permanently.

To mitigate these risks, SMBs should adopt best practices for cybersecurity, such as the cybersecurity framework for SMBs developed by the National Institute of Standards and Technology (NIST). This includes controlling network and data access, establishing formal usage policies, encrypting sensitive data, using network firewalls with integrated security, monitoring for unauthorized access, backing up data regularly, and creating response and recovery plans for attacks.

However, it is crucial to note that 98% of cyber attacks start with some form of social engineering, emphasizing the need for robust password policies and multi-factor authentication (MFA). Password policy enforcement should go beyond basic compliance requirements, focusing on creating strong and hard-to-crack passphrases and blocking compromised passwords. MFA can significantly reduce the risk of account takeovers by adding an additional layer of protection, even if passwords are compromised.

Furthermore, actively blocking the use of known compromised passwords and conducting password audit scans of Active Directory accounts can help reduce the risk of unauthorized access. End-user awareness training is also essential to improve cybersecurity, as human error contributes to a significant percentage of data breaches. Understanding the importance of following cybersecurity policies and recognizing signs of phishing and other attacks is crucial for all employees.

Finally, SMBs can enhance their security posture by using solutions such as Specops Password Policy to enforce compliance requirements and automatically block the use of compromised passwords. This can significantly mitigate cyber risks and protect the organization against potential threats.

Full Article