No business too small: ransomware’s growing appetite for SMEs

Sandra Lee, Managing Director, Greater China, ASEAN, Korea, Sophos

Small business owners often believe that cybercriminals are less likely to come for them because there are always ‘bigger fish to fry’. Unfortunately, this notion, coupled with limited resources, is putting small businesses at risk.

The Cybersecurity Agency of Singapore (CSA) recently announced that there will be cyber health “check-ups” for SMEs in Singapore to help improve their cyber resilience and deal with the growing risk of cyber attacks among this business demographic. This is good news, considering that Singapore reported the highest rate of ransomware attacks of all countries surveyed in the 2023 Sophos State of Ransomware report, with nearly 85% of the organisations surveyed saying that they were a victim of a ransomware attack, compared to 65% in the year before.

One of the leading ways attackers are gaining entry is through unpatched vulnerabilities. SMEs often lack the necessary cybersecurity mechanisms to stay on top of required patching, making them ‘low-hanging fruit’ for cybercriminals. With criminals now employing automated tools and ‘ransomware-as-a-service’, the number of SME victims is only expected to rise, highlighting the urgent need for these enterprises to bolster their basic cybersecurity hygiene.

Emails used as gateways to malware

A ransomware attack can also begin with just a simple email. Sent to employees and carrying malware via attachments and links, phishing emails can escalate into a series of malicious activities once the threat establishes a foothold in the target, where attackers can expose network systems and identify key endpoints and other essential data before exfiltration.

Given their simple deployment, email attacks are successful in taking advantage of unsuspecting victims. In Singapore, email phishing attacks remain a significant concern. Many target businesses, tricking employees with fraudulent emails, typically linked to corporate issues and delivery problem notifications, to obtain data for resale or to be leveraged in targeted attacks against organisations.

Stolen data and ransomware threats

Ransomware and data theft present serious implications for businesses regardless of their kind and size. Stolen data, such as intellectual property, credentials, financial information, personal details, and customer lists, is irreplaceable information that no organisation can afford to lose. Along with its reputation, an SME’s relationship with its customers and partners can take a huge hit should it be the victim of data theft or breach.

It doesn’t stop at one attack

Wanting to maximise their impact and access as many types of data as they can, cybercriminals often don’t stop at just one attack, and will come back for a second attack, or more. This is another reason why SMEs need to build a cybersecurity framework with the right people, processes and tools to keep their businesses and data safe.

Building a cyber-aware culture is pertinent to tightening frontline defence. Every employee must be cyber educated to know and to practise good cybersecurity habits. Combining the right cybersecurity technology and services with hyper-cyber-aware employees provides SMEs with the best way to reduce risk and no longer be the low-hanging fruit that cybercriminals crave.