Small and medium sized enterprises are increasingly falling victim to cyber attacks orchestrated by hackers able to take advantage of their sub-par security systems and processes, according to a report by global insurer Chubb.
Ransomware attacks, which typically utilise malicious software to block a business’ network until a ransom is paid, are becoming particularly prevalent.
“Cyber criminals typically don’t target specific small businesses, but they increasingly use tools that target their vulnerabilities,” said Patrick Thielen Senior Vice President, Chubb Financial Lines.
“Those vulnerabilities are at times technical, like unpatched software or poorly configured hardware. But even more common are those vulnerabilities involving employees who may use weak or compromised passwords, or may inadvertently click something they shouldn’t have.”
Anthony Dolce, Vice President, Cyber Lead, Chubb North America Financial Lines Claims noted that Cyber criminals know SMEs may mistakenly think that cyber security services are beyond their means, which makes them more vulnerable to an attack.
“However, we are living in an age where cyber attacks are constantly evolving and threatening businesses of all sizes, but especially small to mid-size businesses.”
Therefore, Dolce said it remains critical for companies to understand this present age and develop strong risk mitigation strategies to lessen the impact of cyber threats.
The report stated that companies can help mitigate their risks by taking steps such as auditing their systems that are most susceptible to an attack, and making sure precautions are taken to prevent an incident before it occurs.
It adds that some of the easiest actions SMEs can take centre on employee education, endpoint monitoring, detailed VPN logs, and the use of multi-factor authentication.
Chubb’s report closely follows news of a potential ransomware attack on Norsk Hydro, one of the world’s largest manufacturers of aluminium, that forced the company to switch to manual operations in a bid to contain the breach.