Nation-State Hackers Go After Small and Medium Businesses

Why? Because they are soft targets with underfunded and understaffed cybersecurity programs, if they have cybersecurity programs at all and many of them are vendors to Fortune 1000 companies, creating an easy backdoor in.

Small and medium sized businesses (SMBs) are just trying to stay afloat in the chaos and don’t understand that they are the easy way for hackers to get to the larger guys. To hackers, they are collateral damage and since they don’t have the funding or, in many cases, enough (if any) cyber insurance, they just declare bankruptcy and close, putting their employees out of work and their customers holding the bag.

Broadcom says the average company doesn’t think that Iran, Russia, North Korea and China is going after them. In a sense, they are right. They are just the way in. Here is the breakout by sector:

Security firm Sophos says that while attacks are down a bit from last year, cost of the attacks is up and more SMBs are seeing ransomware.

They say 70 percent of incidents for small businesses are ransomware attacks and 90 percent of attacks against medium size businesses involve ransomware.

More importantly, while a company like say Dell can afford to spend millions to recover from a cyber attack, small and medium sized businesses can’t afford to spend a hundred thousand. And that assumes that their customers don’t flee to other vendors and never come back.

For our defense contractor customers we have some FREE – yup, that is right – tools, courtesy of Uncle Sam. Tools are more expensive for the rest. While there are free open source tools, you have to have the skills to manage them and most small businesses have a problem there.

Credit: Dark Reading

by