When a small business owner is faced with the responsibilities of production economics, financial reports and marketing all at the same time, cybersecurity can often appear complicated and, at times, unnecessary. However, this disregard for IT security is being exploited by cybercriminals, says the online security firm Kaspersky.
Kaspersky researchers assessed the nature dynamics of attacks on small and medium-sized businesses between January and April 2022 and the same period in 2021 to identify which threats pose an increasing danger to entrepreneurs.
In 2022, the number of Trojan-PSW (Password Stealing Ware) detections increased by almost a quarter compared to the same period in 2021, to 4,003,323. The number in Thailand reflected the global trend. The country logged 19,885 detections, a 2.35% rise. Trojan-PSW is a malware that steals passwords, along with other account information, which then allows attackers to gain access to the corporate network and steal sensitive information.
Another popular attack tool used on small businesses is internet attacks, specifically web pages with redirects to exploits, sites containing exploits and other malicious programs, botnet command-and-control centres, etc. The number of these attacks detected by Kaspersky researchers also increased in the first four months of 2022 to 35.4 million infections from 32.5 million a year earlier.
Interestingly, such detections in Thailand increased by 107.6% to 317,347.
Other Southeast Asian countries have seen a spike as well. When it comes to internet threats against small businesses, Indonesia had the most detections (2,063,711), followed by Vietnam, Thailand, Malaysia, the Philippines and Singapore.
With the shift towards remote working, many companies have introduced remote desktop protocol (RDP), a technology that enables computers on the same corporate network to be linked together and accessed remotely, even when the employees are at home.
The overall number of attacks on RDP has decreased slightly, but not in all countries. For example, in the first trimester of 2021 there were about 47.5 million attacks in the US, whereas for the same period in 2022 the number was 51 million.
The number of attacks on RDP in Thailand has also decreased. Kaspersky's products recorded 5,144,699 detections in the first trimester of 2022, 70.1% lower than a year earlier.
Having a special security solution enables attack visualisation and provides IT administrators with a convenient tool for incident analysis. The faster they can analyse where and how a leak occurred, the better they will be able to solve any negative consequences.
Even small businesses with limited IT resources still need to protect all their working devices, including computers and mobile phones, from cyberthreats. Solutions are now available for small online stores and local businesses to keep all work devices protected, safely transfer files and avoid falling victim to ransomware.
"With the shift to remote working and the introduction of numerous advanced technologies in the daily operations of even small companies, security measures need to evolve to support these sophisticated setups," said Denis Parinov, a security researcher at Kaspersky.
"Cybercriminals are already way ahead of the curve, so much so that virtually every organisation will experience a breach attempt at some point. For small companies today, it's not a matter of whether a cybersecurity incident will happen but when. Having trained staff and an educated IT specialist is no longer a luxury but a must-have part of your business development."
To protect your business, Kaspersky recommends:
- Providing your staff with basic cybersecurity hygiene training as many targeted attacks start with phishing or other social engineering techniques.
- Using a protection solution for endpoints and mail servers with anti-phishing capabilities to decrease the chance of infection through phishing emails.
- Taking key data protection measures. Always safeguard corporate data and devices, including by using password protection, encrypting work devices and ensuring data is backed up.
- Keeping work devices physically safe -- do not leave them unattended in public, always lock them and use strong passwords and encryption software.
