4 steps for SMBs to protect against malware attacks

Cybersecurity threats from malware continue to be a significant risk for organisations large and small.

The headline-grabbing, sophisticated attacks of the past couple of years have showcased companies’ vulnerability to threats, and these attacks are only becoming more common. 

According to a report, businesses in the UK faced an average of 157,528 attempted cyberattacks in the third quarter of this year, an increase of 243 per cent from the same period last year. Almost half a million unique IP addresses were used to launch cyberattacks on UK businesses during that period, with IoT devices and file sharing devices among the most targeted applications, the report stated.

Gartner predicted that the majority of exploited vulnerabilities in organisations through 2020 will be the ones that security and IT professionals have known about for at least a year. Despite the constant threat of cyberattacks, ManageEngine’s State of IT in the UK 2019 survey has found that a majority (31 per cent) of SMB respondents consider high costs the main barrier to securing additional resources for better IT security.

However, SMBs can protect themselves from the mounting risks and consequences of a security breach by applying some basic security controls. The following steps can be effective in securing the organisation from attacks. 

Maintain a hardware and software inventory to help thwart threats from shadow IT

Unknown software risks, prohibited software, and unsecured network devices can enable an attacker to sneak in. Security threats are also posed by shadow IT, which includes the systems, software, or applications regularly used by employees without the knowledge of management or the IT teams. Having visibility into network software and remote network devices will provide a layer of protection to the network. Additionally, creating customised configurations for network hardware and software can help mitigate attacks.

Regular assessment and remediation of vulnerabilities 

WannaCry, Petya, Bad Rabbit, Meltdown, and Spectre all had a vaccine: patching. Vulnerabilities are everywhere, and SMBs need to ensure that all devices are patched and secured. Meanwhile, the increasing number of remote code executions exploiting zero-day vulnerabilities makes securing applications an important priority. Companies should also secure network ports by monitoring and controlling all the traffic moving through them.

Ensure access control and administrative privileges are accurate and in constant use 

Companies need to regularly monitor account activity and control password policies to stay on top of potential security gaps. Too often, expired user accounts are not removed from directories, leaving a gap in a company’s security, or passwords are not set to expire, increasing that account’s vulnerability over time. 
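
As an added illustration (not part of the original article or any ManageEngine product), the account review described above can be run against a directory export. The CSV column names, the sample accounts, the review date and the 90-day stale threshold are all assumptions constructed for this example.

```python
import csv
import io
from datetime import date, timedelta

# Constructed sample export; column names are assumptions, not any product's schema.
SAMPLE_EXPORT = """username,enabled,account_expires,password_never_expires,last_logon,is_admin
alice,true,,false,2019-11-28,false
bob,true,2019-06-30,false,2019-06-12,false
svc_backup,true,,true,2019-12-01,true
carol,true,,false,2019-03-04,true
dave,false,2019-01-31,true,2018-12-20,false
"""

def audit_accounts(export_text, today, stale_after_days=90):
    """Return {username: [findings]} for enabled accounts that need review."""
    findings = {}
    stale_cutoff = today - timedelta(days=stale_after_days)
    for row in csv.DictReader(io.StringIO(export_text)):
        if row["enabled"].strip().lower() != "true":
            continue  # already disabled, so not an open door
        issues = []
        expires = row["account_expires"].strip()
        if expires and date.fromisoformat(expires) < today:
            issues.append("expired but still enabled")
        if row["password_never_expires"].strip().lower() == "true":
            issues.append("password never expires")
        last_logon = row["last_logon"].strip()
        if not last_logon or date.fromisoformat(last_logon) < stale_cutoff:
            issues.append("no logon in %d days" % stale_after_days)
        # Flag privilege only when there is already something to fix,
        # so risky administrative accounts sort to the top of the review.
        if issues and row["is_admin"].strip().lower() == "true":
            issues.append("administrative privileges")
        if issues:
            findings[row["username"]] = issues
    return findings

if __name__ == "__main__":
    # Review date is constructed for the sample data.
    for user, issues in audit_accounts(SAMPLE_EXPORT, date(2019, 12, 10)).items():
        print(user + ": " + "; ".join(issues))
```
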

Protect browsers and data

Hackers are increasingly turning to cryptojacking, the practice of using malware to get other people’s computers to mine for cryptocurrencies. As a result, the risk of company browsers becoming infected with cryptomining tools is higher than ever. However, this is just one of many browser-based attacks that companies need to protect against. There is also a huge amount of information that flows into companies each day, some of which is retained as stale data without a retention policy. If that private information is not properly protected, companies can end up paying huge sums in fines as per data protection laws.

The EU’s General Data Protection Regulation (GDPR), which came into effect last year, has changed comprehensive data security from just being a good business practice to a mandatory investment. SMBs can no longer afford to under-invest in cybersecurity and hope their business won’t be affected. The real questions are whether your organisation is protected from the threats that are currently known to the market, and if it is equipped to quickly detect network breaches, as the ramifications of a security breach extend all the way to the bottom line.

About the Author

Mathivanan Venkatachalam is vice president of ManageEngine, the IT management division of Zoho Corp., and has been part of the Zoho team since its inception. Prior to working with ManageEngine, he was associated with IIT Madras for their V5.2 protocol stack in layer 1 and layer 2 development. He specialises in programming, with an emphasis on C, C++ and Java. Currently, he directs the research and development of ManageEngine’s IT operations management, applications management, and endpoint management software.

Featured image: sakkmasterke