The most common SMB cybersecurity threats and how to protect your business

Ransomware

You most likely already familiar with the term “malware.” Malware is a malicious application that can help hackers get into your network, hijack your computers or cause system problems. Ransomware is a specific type of malware. It makes it possible for a cybercriminal to take complete control of your data and hold it for ransom.

Ransomware relies on encryption, so you can’t just turn off one computer and move to another. Instead, you have to restore from a  backup or pay the attackers to get your data back.

You see ransomware frequently mentioned because it’s a profitable way for hackers to bring in revenue. You can reduce the potential damage of a ransomware attack with a robust backup, which allows you to restore your systems without paying anything.

Social engineering and phishing

A common portrayal of a hacker is someone furiously typing, trying to find the right username and password combination to get into your network. In reality, they may end up getting unintentional help from the people in your organization.

Phishing takes place through email. The would-be hacker sends malware through emails that look legitimate. The victim ends up opening the file and downloading the malicious file on their workstation.

Social engineering is a broad term that describes situations where the hacker manipulates people to get the result that they want. For example, they can pretend to be a person in a different department and use that fake identity to access resources they should not have access to.

One way to protect against the people skills of certain charismatic hackers is to give the entire company training that explains the situations they may encounter. You don’t need everyone to have an IT specialist’s level understanding of cybersecurity, but you do want them to know what they’re looking for.

POS viruses

If you have a physical retail location, your point of sale systems may be at risk of getting hacked.

POS viruses are loaded directly onto this equipment, typically by leveraging some sort of security loophole or breach. They can access credit card information, customer addresses and other personal data. (It’s also worth mentioning that POS terminals should be separated from any connections to office workstations and other devices to avoid malicious data injection/hijacking.)

Limit the chances of this cybersecurity breach from happening by staying up to date on operating system and firmware updates for your POS. Talk to your vendor to see whether they have other security recommendations in place.

DDOS

A distributed denial of service (DDOS) attack overwhelms your network’s capacity and causes your resources to crash and become inaccessible. DDOS attacks often leverage botnets of compromised devices, making so many server requests that your server simply can’t handle them.

Or, in plain English, the hacker overwhelms your server, which keeps it from working.

Sometimes bringing your systems down is the entire point of a DDOS. In other cases, the hackers use a DDOS to try to identify other vulnerabilities that they can use to gain access to your systems.

A proactive cybersecurity system can help you stay ahead of a DDOS attack. The affected IP addresses can be blocked. Or you can spread the traffic over multiple servers to stop the spike in requests from bringing everything down. You might even resort to backup servers that are distributed elsewhere, such as a cloud-based resource.

SQL injection

Many web applications depend on SQL databases to store data. They can’t function without having access to this valuable digital asset.

An SQL injection introduces malicious tables into your databases that could lead to data breaches, unauthorized access and other problems. SQL injections can happen due to unpatched software or forms that fail to sanitize user-submitted fields. If you don’t realize that your database has been breached, then you may end up getting attacked multiple times without finding the culprit.

Keep your SQL databases updated and audit them frequently. Look over all of your forms and confirm that any code gets removed from the text fields before it reaches the database. Preventative maintenance can stop a lot of SQL injections in their tracks.

Internal bad actor

The most significant threat could come from within your organization. Employees sometimes work in concert with “bad actors” or an employee could even be a “bad actor.”

What’s a bad actor? Someone who wants to breach your security and compromise your data. Sometimes this happens when an employee is working for the competition. Other times they may be disgruntled and upset at the company.

While it’s difficult to protect against malicious individuals who have leadership positions in your organization, you can easily limit what lower level employees can do. Use a robust user account management strategy to control permissions and stay on top of deactivating user accounts when necessary.

Your company’s HR department, if you have one, also needs a streamlined process for firing employees that limits how much damage they could do on your network before leaving.