SYDNEY, Australia – 5 December 2012 – For small-and medium-sized businesses (SMBs), 2012 will be known as the year hackers identified SMBs as stepping stones into larger, more lucrative targets. We saw the number of targeted attacks aimed at businesses with fewer than 250 employees double, climbing to 36 percent of all targeted attacks by mid-year. We also spotted some interesting trends among a new class of SMB, the accidental entrepreneurs, who are poised for explosive growth and aggressively leverage technology such as cloud computing to fast-track their success
Now as this year comes to an end, we turn our attention to what we expect will happen in the world of SMB information protection in 2013. While targeted attacks against SMBs will not let up, we’ll see SMBs fall victim to not only other cyber conflict but also of their own lack of preparation.
So, as you prepare your business for the New Year, here are the seven SMB trends Symantec recommends you keep in mind to protect your vital business information:
- Ransomware is the New Scareware
As fake antivirus begins to fade as a criminal enterprise, a new and harsher model will continue to emerge – ransomware.
Ramsomware goes beyond attempting to fool its victims; it attempts to intimidate and bully them. While this “business model” has been tried before, it suffered from the same limitations of real-life kidnapping: there was never a good way to collect the money. Cybercriminals have now discovered a solution to this problem: using online payment methods. They can now use force instead of flim-flam to steal from their targets, and we can expect the extortion methods to get harsher and more destructive.
In 2013, attackers will use more professional ransom screens, up the emotional stakes to motivate their victims and use methods that make it harder to recover from an infection. In addition to targeting consumers, attackers will use ransomware to hold small businesses’ data and systems hostage. You can read more about ransomware in this new research: Ransomware: A Growing Menace.
- Cyber Conflict becomes the Norm
In 2013 and beyond, conflicts between nations, organisations and individuals will play a key role in the cyber world. Espionage can be very successful and deniable when conducted online. Any nation-state not understanding this previously has been given many examples in the last two years. Nations or organised groups of individuals will continue to use cyber tactics in an attempt to damage or destroy secure information or funds, of its targets. In 2013, we will see the cyber equivalent of saber rattling, where nation-states, organisations and even groups of individuals use cyber attacks to show their strength and “send a message”.
Additionally, we expect more conflict-related attacks on individuals and non-government groups, such as supporters of political issues and members of minority groups in conflict. A representation of this is the type of targeting that currently is common when hactivist groups are aggravated by an individual or company. SMBs should prepare to be targeted by these groups as a backdoor into other targets.
- the 100 percent virtualised SMB becomes more common
Organisations of all sizes will evaluate and adopt multiple hypervisors into their virtualisation and computing environments, as the market share of hypervisor vendors will begin to balance out between the largest vendors. This hypervisor diversity will cause specific hypervisor point tools to be ripped out and replaced by platforms with more capabilities that support multiple hypervisors, physical, virtual, snapshot and cloud-based infrastructures for backup, recovery and management. This will lead to more SMBs becoming 100 percent virtualised and using multiple hypervisors in both testing and production environments.
As a result, these SMBs will see a positive effect to their disaster preparedness. Virtualisation and cloud computing work hand-in-hand with a comprehensive backup and recovery plan to improve disaster preparedness, with the ability to have off-site storage and physical machines quickly available in a virtual environment if a disaster were to occur. Symantec research shows that 71 percent of SMBs that have adopted server virtualisation report improved disaster preparedness, as well as 41 percent using public cloud and 43 percent using private cloud.
- Madware Adds to the Insanity
Mobile adware, or “madware,” is a nuisance that disrupts user experience and can potentially expose location details, contact information and device identifiers to cybercriminals. Madware, which sneaks onto a users’ phone when they download an app, most often takes the form of sending pop-up alerts to the notification bar on mobile devices, adding icons to the devices, changing browser settings and gathering personal information.
In just the past nine months, the number of apps including the most aggressive forms of madware has increased by 210 percent. Because location and device information can be legitimately collected by advertising networks – as it helps them target users with appropriate advertising – we expect increased use in madware as more and more companies seek to drive revenue growth through mobile ads. This includes a more aggressive and potentially malicious approach towards the monetisation of “free” mobile apps.
- Monetisation of Social Networks Introduces New Dangers
Just like consumers, SMBs place a high level of trust in social media, with 63 percent of SMBs now using social networks to market their goods and services, and engage with customers. As these networks start finding new ways to monetise their platforms by allowing members to buy and send real gifts, the growing social spending trend also provides cybercriminals with new ways to lay the groundwork for attack.
Symantec anticipates an increase in malware attacks that steal payment credentials in social networks and trick users into providing payment details, and other personal and potentially valuable information, to fake social network clients – which may include fake gift notifications and emails requesting home addresses and other personal information. While providing non-financial information might seem innocuous, cybercriminals sell and trade this information with one another to combine with information they already have about you, helping them create a profile of you they can use to gain access to your other accounts.
These new dangers in social networks only compound the problem for SMBs, 87 percent of which do not have formal written internet security policy for employees. Despite the fact that social networks are an increasingly popular vector for phishing attacks, 70 percent of SMBs do not have policies for employee social media use. In 2013, lack of security policy and best practices, such as educating employees, will come back to bite SMBs.
- As Users Shift to Mobile and Cloud, so will Attackers
Attackers will go where users go, so it should come as no surprise that mobile platforms and cloud services will be high-risk targets for attacks and breaches in 2013. The rapid rise in malware on Android in 2012 confirms this.
As unmanaged mobile devices and BYOD at companies of all sizes continue to enter and exit corporate networks, they pick up data and this info tends to become stored in other clouds, increasing the opportunity and risk for breaches and targeted attacks on mobile device data. Also, as users add applications to their phones they will pick up malware.
Some mobile malware duplicates old threats, like stealing information from devices. Today mobile malware sends premium text messages to accounts bad guys profit from. In 2013, you can be sure mobile technology will continue to advance and thereby create new opportunities for cybercriminals. For example, as eWallet technology becomes more widely used, it will become yet another platform hackers attempt to exploit. Just as we saw the Firesheep threat emerge to take advantage of Wi-Fi users, we will see malware in use by criminals to hijack payment information from people in a retail environment. Some payment systems are widely used by tech novices, both users and businesses, and may have vulnerabilities allowing information to be stolen.
- cloud outages get worse before getting better
There will be a significant increase in cloud outages in 2013, resulting in millions of dollars lost, yet companies will continue to pour resources into cloud offerings. The need to manage and protect data SMBs put in the cloud will lead to more adoption of backup and disaster recovery appliances and cloud service providers will begin to innovate more secure and efficient recovery of data and applications. Companies of all sizes will need to adopt these better cloud management tools to protect their data because cloud outage problems will get worse before they get better – infrastructures that have scaled quickly with hand-written code and that utilise inefficient shared resources will result in major outages and some black eyes for the cloud computing market. For SMBs, cloud outages and the resulting downtime can be devastating, even if a critical app goes down for just a short time – the median cost of downtime for an SMB is USD$12,500 per day.
We believe 2013 promises to be an exciting year for SMBs. Beyond the challenges you’ll face protecting information, you’ll also see great opportunities to leverage new technologies for the benefit of your business. To start the New Year out on the right foot, Symantec offers the following e-ssential tips:
- Know what you need to protect: One data breach could mean financial ruin for an SMB. Look at where your information is being stored and used, and protect those areas accordingly.
- Enforce strong password policies: Passwords with eight characters or more and use a combination of letters, numbers and symbols (e.g., # $ % ! ?) will help protect your data.
- Map out a disaster preparedness plan today: Don't wait until it's too late. Identify your critical resources, use appropriate security and backup solutions to archive important files, and test frequently.
- Encrypt confidential information: Implement encryption technologies on desktops, laptops and removable media to protect your confidential information from unauthorised access, providing strong security for intellectual property, customer and partner data.
- Use a reliable security solution: Today's solutions do more than just prevent viruses and spam; they scan files regularly for unusual changes in file size, programs that match known malware, suspicious email attachments and other warning signs. It's the most important step to protect your information.
- Protect Information Completely: It's more important than ever to back up your business information. Combine backup solutions with a robust security offering to protect your business from all forms of data loss.
- Stay up to date: A security solution is only as good as the frequency with which it is updated. New viruses, worms, Trojan horses and other malware are born daily, and variations of them can slip by software that is not current.
- Educate employees: Develop internet security guidelines and educate employees about internet safety, security and the latest threats, as well as what to do if they misplace information or suspect malware on their machine.
Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.
Forward-looking Statements: Any forward-looking indication of plans for products is preliminary and all future release dates are tentative and are subject to change. Any future release of the product or planned modifications to product capability, functionality, or feature are subject to ongoing evaluation by Symantec, and may or may not be implemented and should not be considered firm commitments by Symantec and should not be relied upon in making purchasing decisions.