The most frequent cyber attacks against SMEs

Edited by LineaEDP24 / 09/2021 From the "ransom virus" to phishing aimed at executives, here are the most frequent cyber attacks against SMEs retraced by Nicola Mugnato di Gyala

Nicola Mugnato, co-founder together with Gian Roberto Sfoglietta and Andrea Storico di Gyala, a Roman startup that used all the best of military research to create 100% Made in Italy cybersecurity products for SMEs and institutions, paused to reflect on cyber attacks more frequent against SMEs. Cyber threats, in fact, are now on the agenda. A few weeks ago an attack brought the Lazio Region servers to their knees, generating a real digital emergency and creating a lot of inconvenience to citizens, but above all revealing the fragility in terms of cyber security of the entire system. A problem that is not only Italian but that involves the entire planet. Also recently, in fact, the cybercriminals had held the Colonial Pipeline hostage, the largest US oil pipeline, 9,000 kilometers long. With the infrastructure blocked for days, the managers decided to pay hackers about 4.4 million dollars in bitcoin. A few days later, on May 31, it was the turn of JBS, the largest meat supplier in the world. This time, too, a nice booty for cybercriminals, around 11 million dollars. Serious but increasingly frequent events: several hospitals, a filtration and water purification plant in Florida, the ferry service between Cape Cod, Martha's Vineyard and Nantucket also ended up in the hands of hackers. As underlined in an official note by Nicola Mugnato: "Energy, food, water, health, transport, companies and sensitive infrastructures are vulnerable today". But what are the cyber threats from which a company today must learn to defend itself? Let's see the most frequent.

From ransomware to cryptojacking

Let's start with ransomware, the so-called "ransom viruses" that have become infamous in Italy following the attack on the servers of the Lazio Region. These viruses encrypt files and make them inaccessible by asking the victim to pay - usually bitcoin or other electronic currencies - for the password to recover them. Often, to fall victim to it, an email with a fake attachment (a bill or a shipping receipt) is enough: once the document is opened, the ransomware begins to encrypt the files and little remains to be done for the hard disk. For Mugnato: "There is also another less aggressive way that hackers use to make money: instead of stealing data, they steal the computing capacity with cryptojacking, these software, installed secretly on the victims' computers, run together with normal programs producing cryptocurrency ". The virus enters the system via e-mail attachments, just like traditional ransomware, however, in this case the goal is not the user's money, but his data processing power which is diverted to illicit purposes. Social engineering, beware of online traps Again according to Mugnato: «Over 70% of cyber attacks occur due to human error. This is why the lack of awareness and basic know-how, but also the right tools, is very dangerous today ». Social engineering works using the information present on social networks, made public by the victim himself, who thus discovers the side of computer intrusions of various kinds. This information is exploited to manipulate and deceive the victim, who is often unaware of having thrown open the doors of his personal data, therefore of her life or perhaps of the company where she works. In this sense, endpoint security issues are among the most challenging.

Spear phishing, hackers no longer shoot in the heap

Again for the co-founder of Gyala: "The fact that phishing attacks do not appear to decrease is an indication of their constant effectiveness. In fact, despite the continuous recommendations and awareness campaigns both in the company and in the media, people are unable to resist when they read CLICK HERE. What is changing, however, is the type of phishing: we are moving from the "trawling" of traditional phishing, made with the intention of hitting as many victims as possible and proportionally maximizing the illicit gain, to spear phishing. It is a targeted phishing attack, often aimed at a specific person, usually with a key role within the organization with access to sensitive data and confidential information, which represent an interesting loot on the black market of espionage ".

Smart working and increased attacks

In the post-pandemic, according to a recent Alvarez & Marsal report, cyber security is destined to become an asset for 80% of European companies. The latest industry figures estimate chand cybersecurity spending will reach $ 133.8 billion within the next two years and highlight that, despite investments, 2,930,000 cybersecurity-related positions still remain uncovered worldwide. Covid, as we have seen, suddenly revealed the fragility of our cybersecurity systems: a study by Splunk reported that 47% of IT executives surveyed said that cyber attacks have increased since the start of the pandemic and 36% of them claim to have experienced an increase in the volume of security vulnerabilities due to remote working. "The safety of remote workers will become not only one of the main objectives of companies, but it will be an imperative, since smart working workers will continue to represent a unique set of opportunities for cyber criminals - say from Gyala - at least until the companies will not learn to manage smart working in a structured way, not only by defining new flexible work policies, but also by introducing security policies and systems to guarantee the security of IT infrastructures extended by their employees' private PCs ". How to defend yourself from the most frequent cyber attacks As concluded by Mugnato: "From this point of view, the pandemic has only accelerated a process that I believe would have been inevitable anyway: on the one hand, the IT infrastructures of companies extend to home PCs, cloud services and interconnections with third parties, from other cyber attacks intensify and evolve in complexity and effectiveness. It is obvious that in the face of new risks, we need to equip ourselves with new technologies and methodologies to avoid them. In this pandemic year, services have been developed for small and medium-sized enterprises which, by exploiting complex artificial intelligence algorithms, make it possible to equip themselves with defense capabilities at a corporate level at an expense related to their size. Thanks to these technologies, even SMEs can adequately defend themselves against these new growing threats without diverting resources and attention from their business ".