Phishing and web-based attacks were the most common among Europe's SMEs
Small and medium-sized enterprises (SMEs) have become a desired target for many hackers during the COVID-19 pandemic. As moving to remote work was necessary, most smaller businesses were not prepared for the cybersecurity challenges.
According to the data presented by the Atlas VPN team, phishing and web-based attacks were the most common among Europe’s small and medium enterprises.
The data is based on the European Union Agency for Cybersecurity (ENISA) survey. In total, 249 SMEs from 25 European Union countries participated in the online questionnaire conducted between July and September 2020.
Pandemic caught the SMEs unprepared, as they have fallen victims to quite simple and non-sophisticated cyberattacks. This could signal the need for European SMEs to tackle this issue more seriously and work on educational programs for the employees.
Phishing attacks were the most popular as 41% of SMEs claimed to have experienced such a threat. This type of attack has become extremely popular due to remote work. All it takes is one careless click on a link, and a hacker has access to sensitive business information.
The second most common type of attack was web-based — 40% of SMEs got hit by it. Cybercriminals launch such attacks to steal desirable customer data. As small businesses do not have as many resources as bigger companies, they might not be able to secure their web applications better, so hackers can find vulnerabilities easier.
Next up, 39% of SMEs suffered from a general malware attack. Many small companies underrate the possibility of an attack happening to them due to their size. However, that is precisely what hackers search for, as they can get quick money with a ransomware threat from lesser secured SMEs.
Malicious insiders were a threat to 19% of small and medium companies. Otherwise known as turncloak is someone who abuses legitimate credentials to gain financial or personal benefits. For example, an individual who holds a grudge against his former employer or a devious employee who sells secret information to a competitor.
Denial of service attacks struck 12% of European SMEs. The point of such attacks is to disrupt a business’s website so it would not be accessible. A stopped website could lead to revenue losses, breached data, and customers' distrust.
Cybersecurity tips for small businesses
Even though SMEs do not have as much money to spend on cybersecurity, there are plenty of affordable and practical solutions.
Having a backup of your business data in the cloud is one of the essential measures you can take to protect your company. A backup can help to save data in case of a data breach or a ransomware attack. It would cost much more to recover your data once it is lost rather than keeping it in the cloud.
Another important thing is to establish basic security practices for employees. A set of rules describing how to handle sensitive data and use the internet securely would lower the risk of employee mistakes causing a data leak or a cyberattack.
Keeping your security software, operating system, and web browser up to date are great defensive tools against viruses and other online threats. Having outdated software can leave many vulnerabilities, which will give hackers more straightforward access to your system.
Lastly, put up a firewall on the Wi-Fi network to prevent outsiders from accessing data on a private network. It will monitor all incoming and outgoing traffic and block anything that might put your devices at risk.
Cybersecurity Researcher and Publisher at Atlas VPN. Focused on revealing the latest cybersecurity trends around the world.