The solution for SMBs to protect against malware attacks

Cybersecurity threats from malware continue to be a significant risk for organisations large and small. The headline-grabbing, sophisticated attacks of the past couple of years have showcased companies’ vulnerability to threats, and these attacks are only becoming more common. 

Singapore’s Cyber Security Agency (CSA) reported that in 2018, an average of 2,900 botnet drones with Singapore IP addresses were observed per day, and 21 cases of ransomware were reported to SingCERT. While reports of ransomware incidents have declined from 2017, experts assert that Singapore has been, and will continue to be, the target of advanced persistent threat (APT) groups. There are also likely far more cases that go unreported, so the threat remains common.

Despite this constant threat of cyberattacks, Singapore’s SMBs are generally unaware of the risks they face. As research from Chubb notes, though 63 percent of SMB respondents believed they were in a better position than their larger competitors in terms of vulnerability to cyberthreats, 53 percent of them reported experiencing a cyberattack within the past year, perhaps indicating that their confidence is misplaced.

Research has shown that employees are often a key factor in the security breaches that companies experience. As a result, internal training and programs aimed at changing the culture around security are crucial. Technology solutions can also strengthen the defenses of SMBs against attacks that are considered preventable.

Gartner predicted that the majority of exploited vulnerabilities in organisations through 2020 will be the ones that security and IT professionals have known about for at least a year. To continually address these threats, SMBs need an effective tool to secure the various internet-enabled devices of employees, such as laptops, smart phones, and tablets, in addition to the servers, desktops, and software connected to and running on the company’s network. 

A unified endpoint management (UEM) and security solution automates monitoring routine network tasks, including deploying software, managing assets and software licenses, remote troubleshooting, as well as imaging and deployment of operating systems. These solutions also allow businesses to bolster company defenses by installing patches and monitoring usage of software and USB devices. They also help to enforce corporate security policies on usage of Wi-Fi and VPN; prevent unauthorised access to corporate email; enforce device-level encryption; isolate personal and corporate workspaces; and locate, lock, and wipe misplaced devices when appropriate.

Businesses of any size, but SMBs in particular, need to apply basic security controls to protect themselves from the mounting risks and consequences of a security breach. The following steps can be effective in securing the organisation from attacks, and they can be accomplished with a UEM solution. 

Maintain a hardware and software inventory to help thwart threats from shadow IT

Unknown software risks, prohibited software, and unsecured network devices can enable an attacker to sneak in. Studies have concluded that threats are also posed by shadow IT: the systems, software, or applications employees use regularly without the knowledge of executive leadership or IT. Having visibility into network software and remote network devices will provide a layer of protection to the network. Additionally, creating customised configurations for network hardware and software can help mitigate attacks.

Regular assessment and remediation of vulnerabilities 

WannaCry, Petya, Bad Rabbit, Meltdown, and Spectre all had a vaccine: patching. Vulnerabilities are everywhere, and SMBs need to ensure that all devices are patched and secured. Meanwhile, the increasing number of remote code executions exploiting zero-day vulnerabilities makes securing applications an important priority. Companies should also secure network ports by monitoring and controlling all the traffic moving through them.

Ensure access control and administrative privileges are accurate and in constant use 

Companies need to regularly monitor account activity and control password policies to stay on top of potential security gaps. Too often, expired user accounts are not removed from directories, leaving a gap in a company’s security, or passwords are not set to expire, increasing that account’s vulnerability over time. 
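
The two gaps named above (expired accounts left enabled, passwords that never expire) can be checked from a directory export. The script below is an added illustration, not part of any UEM product: the CSV column names, the sample rows, and the 90-day inactivity threshold are assumptions made for the example.

```python
import csv
import io
from datetime import date

# Constructed sample export; column names are hypothetical and not taken
# from any specific directory product.
SAMPLE_EXPORT = """\
username,enabled,account_expires,last_logon,password_never_expires
alice,true,,2019-05-28,false
bob,true,2019-01-31,2019-01-15,false
carol,true,,2018-11-02,true
svc_backup,true,,2019-06-01,true
dave,false,2018-12-31,2018-12-20,false
"""


def parse_date(value):
    """Return a date for YYYY-MM-DD, or None for an empty field."""
    return date.fromisoformat(value) if value else None


def audit_accounts(export_text, today, stale_after_days=90):
    """Map username -> list of findings, for enabled accounts only."""
    findings = {}
    for row in csv.DictReader(io.StringIO(export_text)):
        if row["enabled"].strip().lower() != "true":
            continue  # already disabled, so it no longer grants access
        issues = []
        expires = parse_date(row["account_expires"].strip())
        last_logon = parse_date(row["last_logon"].strip())
        if expires is not None and expires < today:
            issues.append("expired but still enabled")
        if last_logon is None or (today - last_logon).days > stale_after_days:
            issues.append("no recent logon")
        if row["password_never_expires"].strip().lower() == "true":
            issues.append("password never expires")
        if issues:
            findings[row["username"]] = issues
    return findings


if __name__ == "__main__":
    report = audit_accounts(SAMPLE_EXPORT, date(2019, 6, 3))
    for user, issues in report.items():
        print(f"{user}: {', '.join(issues)}")
```

Service accounts such as the constructed `svc_backup` row often surface under the non-expiring password check, which makes them a useful starting point for review.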

Protect browsers and data

Hackers are increasingly turning to cryptojacking, the practice of using malware to get other people’s computers to mine for cryptocurrencies. As a result, the risk of company browsers becoming infected with cryptomining tools is higher than ever. However, this is just one of many browser-based attacks companies need to protect against. 

There is also a huge amount of information that flows into companies each day, some of which is held as stale data without a retention policy. If that private information is not properly protected, companies can end up paying huge sums in fines as per data protection laws.

Singapore’s Personal Data Protection Act (PDPA), as well as international data protection laws such as GDPR, have changed comprehensive data security from just being good business sense to a mandatory investment. SMBs can no longer afford to underinvest in cybersecurity and hope their business won’t be affected. The real questions are whether your organisation is protected from the threats that are currently known to the market, and if the organisation is equipped to quickly detect network breaches, as the ramifications of a security breach extend all the way to the bottom line.