Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
The Confident SMB

SMBs – The Weakest Link in the Cybercriminal Supply Chain?

Created: 10 Jul 2012 • Updated: 10 Jul 2012
andysinger's picture
0 0 Votes
Login to vote

Symantec’s latest Internet Security Threat Report Volume 17 showed that 2011 saw an increase in targeted attacks, and  18 percent of these targeted attacks were directed at businesses with 250 or fewer employees. Now that we’re halfway through the new year, how do things look for SMBs? According to the latest Symantec Intelligence Report – not good.

Targeted attacks still increasing

After reaching a record high in December of 154 attacks per day, daily attacks dipped briefly in January before returning to similar levels in February. For the most part, the daily attack average remained around this level for the first half of 2012 resulting in an average increase in targeted attacks per day of around 24 percent for the first half of 2012.

Attacks against SMBs double

Over the last six months, the number of attacks against SMBs has doubled, jumping to 36 percent compared to the 18 percent we saw just six months earlier at the end of 2011. What’s even more interesting is that when we look at the trends month-by-month, there appears to be a direct correlation between a rise in attacks against small companies and a drop in attacks against larger ones, which could mean that attackers are diverting resources directly from one group to the other. Even though larger businesses (2500+ employees) continue to be the primary target for most targeted attacks (44 percent), the gap between the two is quickly closing.

What’s causing this shift? It could be based on the perception that smaller businesses are an easier point of entry for an attacker into an industry. Many SMBs typically don’t have the resources to maintain a full IT staff, so these smaller businesses could be seen as a weaker link in the supply chain.

So, while your business may not be the primary target of an attack, cybercriminals may be using your organization as a stepping-stone to attack other businesses (your customers and partners). Because targeted attacks use customized malware and refined targeted social engineering to gain unauthorized access to sensitive information, successful attacks can result in significant financial advantage for the cyber criminals behind them.

The rise in targeted attacks against smaller companies reinforces the need for SMBs to take steps to protect company assets, both physical and intellectual from internet-based threats. For tips and ideas to help you protect your business from internet-based threats, please read Keep Your SMB Safe from Internet-Based Threats.

To download and view the June Symantec Intelligence report visit: