Cyber threats are accelerating in complexity and scale, and small and medium-sized businesses (SMBs) are increasingly becoming their targets. To effectively protect themselves not only in the present moment but also in the future, it’s paramount for SMBs to look beyond the immediate horizon and anticipate what’s coming.
For the fourth year in a row, Microsoft has released its Digital Defense Report, offering an in-depth look into the cybersecurity landscape. This report, coupled with OSIbeyond’s extensive experience as a Managed Cybersecurity Service Provider (MSSP), creates a foundation for understanding the nature of cyber threats and the proactive measures SMBs can take to ensure resilience.
Cybercrime Is Rapidly Evolving
In the past, substantial technical skills were necessary to participate in cybercrime. Early viruses and attacks were launched by highly skilled hackers who were driven largely by curiosity. The emergence of a cybercrime-as-a-service ecosystem has commodified cybercrime, lowering the barrier to entry for individuals without deep technical knowledge.
Anyone, from digital fraudsters to disgruntled employees to competitors, can now visit the dark web and look for ransomware‑as‑a-service, phishing-as-a-service, and other similar offerings to launch an attack with a few mouse clicks and keystrokes.
As a result, smaller organizations, which previously might have flown under the radar of cybercriminals, have become prime targets. Unfortunately, such organizations often lack comprehensive cybersecurity measures, so even an encounter with a run-of-the-mill cyber attack can have serious consequences.
But just because some cyber attacks are now easy to execute thanks to the booming cybercrime-as-a-service ecosystem doesn’t mean that highly sophisticated and targeted attacks have become extinct—far from it. Human-operated ransomware attacks increased by 200% from July 2022 through June 2023, and 70% of their victims had fewer than 500 employees.
Human-operated ransomware attacks differ from more traditional self-spreading ransomware worms in that they are manually directed against specific targets. Attackers use impersonation, living‑off‑the‑land techniques (the abuse of legitimate tools present in the target environment), and remote encryption to breach even fairly robust defenses, conceal their tracks, and, ultimately, tighten their grip on victims.
Business Email Compromise (BEC) is another threat that’s both more widespread, with 156,000 daily BEC attempts observed between April 2022 and April 2023, and more sophisticated. This escalation in BEC attacks aligns with cybercriminals’ improved capacity to impersonate or compromise legitimate third parties using generative AI tools like GPT-4 for text generation, ElevenLabs for voice generation, and Stable Diffusion for image generation.
The commodification of cybercrime and the rise of cybercrime-as-a-service together with the emergence of advanced AI technologies that can be used for impersonation and compromise highlight the need for SMBs to adopt comprehensive, multi-layered cybersecurity strategies. The good news is that most cyber attacks can be stopped by implementing the fundamental security hygiene practices outlined in the next section.
Basic Cybersecurity Hygiene Makes All the Difference
While the rapid evolution of the threat landscape might seem daunting, the situation is far from hopeless. According to the Microsoft Digital Defense Report 2023, basic security hygiene practices can effectively protect against 99% of cyber attacks, and their implementation is an easily achievable objective even for SMBs. Such practices include:
- Multi-Factor Authentication (MFA): Microsoft data revealed a more than tenfold increase in attempted password attacks over the previous year, illustrating the danger of relying solely on passwords for security. MFA adds an extra layer of protection and makes unauthorized access significantly harder by requiring users to verify their identity in more than one way.
- Zero Trust Principles: With attacks targeting open source software growing by an average of 742% since 2019, adopting Zero Trust principles is more critical than ever. Zero Trust operates on the assumption that threats can come from anywhere. Thus, it verifies every access request to ensure that only authenticated and authorized users and devices can access the requested resources.
- Extended Detection and Response (XDR) and Anti-Malware: The fact that 80-90% of all successful ransomware compromises originate through unmanaged devices highlights the importance of comprehensive threat detection and response. XDR and anti-malware solutions offer advanced protection by monitoring network and device activities for signs of malicious behavior, automatically blocking attacks, and providing actionable insights for responding to threats.
- Patch management: Keeping devices updated is essential, as 57% of devices on legacy firmware are vulnerable to a significant number of Common Vulnerabilities and Exposures (CVEs). Regular updates close security gaps and protect against known vulnerabilities before they can be exploited by cybercriminals.
- Data protection: Considering the ransomware statistics mentioned earlier in this article, it is evident that SMBs are at substantial risk. Protecting data involves knowing what data you have, where it is stored, how it is protected, and how quickly it can be recovered.
Let’s Secure Your Future Together
The future of cybersecurity presents a landscape filled with both challenges and opportunities. As cyber threats continue to evolve in complexity and sophistication, the need for advanced, adaptable cybersecurity measures increases.
OSIbeyond is ready to guide and support organizations through the ever-changing cyber threat environment. With our deep expertise and comprehensive suite of managed IT and cybersecurity services, we’re here to ensure that your organization is protected against today’s threats as well as the challenges of tomorrow.
Contact us today to learn how we can help you face the challenges of tomorrow with confidence.