Targeted Attacks Spike Against SMBs

Network SecurityTargeted attacks are spiking. Cyberespionage is becoming more commonplace. And SMBs are increasingly becoming the target

These were some of the most significant findings in Symantec Corp.’s latest Internet Security Threat Report (ISTR), released this week at its Vision Conference 2013. That means for security partners, the days of complacent, “set and forget” security sometimes reserved for their smallest customers might soon be coming to an end.

Now, it’s been well established that targeted attacks are on the rise. This year, the ISTR found that advanced persistent threats and other targeted attacks leapt upwards by 42 percent from two years ago.

Given previous growth trajectories, that’s no big news. But what is perhaps more significant is that these kinds of attacks are accelerating fastest among businesses with fewer than 250 employees. So much so that SMBs were the target in 31 percent of all attacks, representing a three-fold rise from 2011.

The reasons are varied, according to Kevin Haley, director of Symantec Security Response.

“That says something in our business that we’ve known for a while,” Haley said to Channelnomics. “Small companies don’t have the same resources. They don’t think they’re going to be attacked. Attackers are taking advantage of that.”

Yet, clearly SMBs have something that attackers want. Small companies aren’t known for having gobs of cash readily at their disposal. But they often do have sensitive customer data and intellectual property. And depending on the vertical, they could also possess sensitive medical information, blueprints and classified government information — giving rise to new security solutions provided by industry-specific partners.

Perhaps not surprisingly, Symantec’s threat report also indicated that Web-based attacks increased by 30 percent from last year, many of which were sourced to the compromised Web sites of small businesses. In a slight departure from previous trends, the sites were then used in massive cyber-attacks as well as so-called “watering hole” attacks, in which perpetrators compromise Web sites frequently used by the victim, and then sit back and wait for the target to visit the site in order to deliver a malicious payload.

Now, one would think that these kinds of exploits would be launched on technology firms, high-stakes financials or government agencies with three-letter acronyms. But the reality is that the attacks were spiking in manufacturing sectors, according to the report. And the reason is likely attributed to attack trends that target the supply chain, Haley said. Manufacturing sectors are inevitably in possession of valuable intellectual property, and subsequently cybercriminals can gain access to critical information related to larger organizations by association.

What’s more, executives are no longer the targets of choice. Instead, knowledge workers, with access to intellectual property were the the most commonly targeted victims across all industries (27 percent) followed by those in sales (24 percent).

“What it looks to us is that attackers themselves realized there’s easier way to get what they want,” Haley said. “If the piece of information they want is in both a large business and small business, the odds that they’ll be successful are higher in the small business. They’re working their way down the supply chain to get to weakest link.”

For the channel, the days of the complacent or even “break-fix” security mentality for their lower market customers might rapidly be coming to an end. Rising attack trends that target the SMB indicate that advanced malware is indiscriminate. And as such, high-end security might not be relegated only to enterprise customers.

That said, it’s no secret that the vast majority of SMBs will be challenged to afford more sophisticated security solutions. But that’s where the channel’s creativity will most certainly come into play.

In the future, partners will likely be prompted to think outside the box, and find new combinations of products and services that fill in critical security holes for SMBs while adhering to budget and staffing limitations. And it’s likely that new disruptive technologies, such as the cloud and mobile platforms, will help them achieve those goals.

For the time being, however, partners will need to stay vigilant on behalf of their smallest customers, and perhaps start ramping up solutions in anticipation of new opportunities.