Did you know that if all SMEs closed, GDP and world economies would collapse? SMEs are a fundamental part of the heart and economic engine of our society, representing 90% of all companies worldwide. According to the World Bank and the The report of Statista, with approximately 332,9 million SMEs, they contribute up to 40% of national income (GDP) in emerging economies, playing a key role and adding value in all sectors of the economy.
-
According to the World Bank, SMEs represent 90% of all companies worldwide and contribute up to 40% of national income (GDP) in emerging economies.
-
Only in 2022, 61% of all cyberattacks targeted small businesses.
-
The costs of a ransomware cyber-attack can lead to the complete closure of an SME.
A Check Point Software Technologies Ltd, the world's leading provider specializing in cybersecurity, shared in its latest reports that SMEs are one of the most recurrent targets of cyberattacks. However, investment in cybersecurity remains one of the main pending tasks for these companies. Many of these do not even incorporate any kind of security solution and the increasingly high costs associated with the results of a cyber attack can lead to the complete closure of an SME.
According to the “SMB 2022” Report by Check point software, based on a survey of more than 1.000 small and medium-sized businesses in the US, Germany, UK and Singapore, two of the biggest impacts cyber-attacks have on SMBs include lost revenue (28%) and loss of customer confidence (16 %). In fact, damages are not always limited exclusively to companies. The methods used in cyberattacks continue to evolve, giving rise to so-called cyberattacks. ransomware of double and triple extortion, in which, after the violated company is “kidnapped” and held for ransom, users affected by the violation are contacted again and asked for more money.
Check Point Software wants to ensure that SMBs are aware of the current dangers on the network, as well as help them achieve the digital resiliency that allows them to continue to grow securely, by offering them some tips:
- Regular backups: one of the main purposes of ransomware is to disable access to data. In this way, and sometimes with the added threat of deletion, cybercriminals seek to extract ransom payments from their victims. Generating and storing automated data backups allows companies to quickly recover from these cyberattacks, minimizing their incidence.
- Update devices on a recurring basis: there are many SMEs and users who do not update immediately when an update arrives or leave it for later, which is a terrible mistake. The purpose of applying patches and updates is to close or correct any vulnerability present in the device or application, being a crucial component in the defense against ransomware attacks. Failure to do so allows cybercriminals to take advantage of the latest exploits discovered, targeting their attacks at systems that are still vulnerable.
- User Authentication: Just as we don't share our passwords or even house keys, it's equally important for companies to ensure that only the right people have the access they need. A recurring type of cyberattack focuses on RDP (Remote Desktop Protocol) access with stolen user credentials. Using two-factor user authentication adds an additional layer of defense to prevent attackers from using these compromised passwords or accounts.
- Reduce attack surface: considering the high potential cost of a ransomware infection, the best strategy is to focus on a prevention strategy, stopping attacks before they are implemented, instead of the current traditional detection (meaning that the organization is allowing the attack occurs and then hurries to mitigate it).
- Implement an anti-ransomware solution: given its data encryption methodology, ransomware leaves a unique digital footprint when executed on a system. Anti-ransomware solutions are designed to identify these traces and detect these attacks more efficiently.
- Cybersecurity training and awareness: Most malware targeting SMBs is often spread via phishing emails, and the weakest link in the chain is often employees. Here, in Angola, Check Point's Threat Intelligence Report indicated that 18% of attack vectors for malicious files in the last 30 days came from emails. It is therefore important to train employees on how to identify and prevent potential threats of this type with training and support from relevant security tools.
