During 2022, the term Cybersecurity, previously almost exclusive to IT departments and industry professionals, became part of the vocabulary of many Portuguese people, thanks to a series of high-profile attacks that served as a warning for this new threat. Digital transformation processes in companies have been essential for boosting business, but the downside has been the increase in cyberattacks. What we don’t see on television is that there are thousands of SMEs that have increasingly become targets for cybercrime.
One of the biggest myths associated with Cybersecurity is precisely that SMEs don’t need to worry about the security of their IT systems. In the mind of a small business owner, the idea lingers: “Why would a hacker be interested in us? We are not as relevant nor do we handle values like large companies do”. However, the numbers tell us otherwise: according to the report by EIT Digital, Global Digital Foundation, and Huawei, in 2022, 57% of SMEs in Europe shut down their services due to cyberattacks.
Cybercriminals are aware of this lack of preparedness among smaller companies and use it to their advantage. The Cybersecurity report in Portugal, recently released by the Cybersecurity Observatory, indicates that 48% of the SMEs surveyed have already experienced some form of cybercrime, with the most common being viruses, spyware, and malware (21%).
Moreover, it is through attacks on SMEs that attackers can reach larger companies, especially if they are, for example, suppliers to large companies, thus holding large volumes of data related to the national economy.
The image that still prevails of the hacker is of someone who attacks alone and does not make it their main activity. However, the reality is that today, cyberattacks are a business that moves millions, with professionalized, organized groups with extremely high and constantly updated levels of knowledge.
When an attack is carried out, the result is data breaches that can lead to losses or manipulation of information. This causes financial losses, loss of customer trust, and damage to the company’s public reputation. Let’s start by getting to know some of the main types of cyberattacks.
The 5 most Common Types of Cyberattacks in 2023
Knowing the most common Cybersecurity threats is the first step to understanding which preventive measures to implement to protect companies and their systems. Here are some of the most common ones:
1. Malware
It is one of the most frequent types of attacks and includes various categories of viruses: worms, spyware, ransomware, adware, and trojans. It breaches networks through vulnerabilities and hides in seemingly harmless links, email attachments, or infected devices like pen drives or hard drives.
The trojan (or Trojan Horse) is one type of malware that presents itself as legitimate software. Ransomware blocks access to key network components, and Spyware accesses confidential data. Finally, adware disguises itself as banners and advertising images on screens.
2. Phishing
Phishing attacks are among the most popular today. Through social engineering tactics, attackers impersonate trusted contacts and send messages (email, SMS) or present themselves as official company statements with links where the threat is hidden. By clicking on the link or opening an attachment, attackers access confidential information, such as bank account and credit card details, potentially stealing large sums of money. Identity theft is also quite common, as well as credential theft and other types of data that can be sold on black markets.
3. DDoS
A DDoS attack (Distributed Denial of Service) aims to overload a server or computer, exhausting memory and processing. Many websites become inaccessible or very slow on the internet due to this type of attack, which can cause significant losses for, for example, online stores or news websites, whose dependence on advertising revenue is greater.
4. SQL Injection
This type of attack uses SQL code (structured query language) with the intention of manipulating databases and accessing confidential information such as company data, user lists, among others. Attackers can thus forge identities, alter, disclose, or even destroy data, causing concerning damage, including loss of reputation and customer trust, who may have their data exposed as a consequence of the attack.
5. Cross-Site Scripting (XSS)
In a Cross-Site Scripting attack, the attacker can insert malicious code into a web page, which is made available in the user’s browser without the threat being detectable. These scripts can thus access cookies and information that should be private. It is a type of attack that differs from others because it does not target the software but rather its users, and it can also be used to spread malware, rewrite content on websites and social networks, phishing, and more.
It cannot be stressed enough that, to prevent any of these types of cyberattacks from becoming a problem for your company, it is essential to invest in preventive measures and establish a Cybersecurity action plan. A document accessible to all, with the protocols to follow and the company’s system security policy, helps teams become aware of the procedures to adopt.
How to Implement a Cybersecurity Action Plan for SMEs in 5 Steps
First, understand that the Cybersecurity solution is not a product but a process. As technology evolves, all processes and action plans must be adjusted accordingly. Everything becomes safer the more layers of security we have, both from a preventive and reactive standpoint. It is essential to add obstacles so that the attack – which, without proper protection, will eventually happen – does not have severe consequences for our organization.
1. Appoint a Cyber Leader (Digital Leader)
A Cyber Leader ensures risk management expertise and has the ability to technically understand the vulnerabilities existing in the organization. Whether an external or internal consultant, they must be, above all, a professional with strong strategic skills and capable of influencing stakeholders to build a secure business system.
2. Define and Activate Network Perimeter Protection
The firewall’s main function is to protect the company’s network perimeter from cyberattacks, as well as the transmission and storage of your organization’s data and information. This security barrier has a high capacity for monitoring and analyzing all communication sent and received by devices.
With the pandemic, it was necessary to adopt work from locations outside the organization’s network perimeter. It is essential to define secure and flexible connectivity policies that streamline access to information and protect your company’s network from home and other insecure networks.
3. Define and Activate Device Protection Policies
Whether personal or corporate, if connected to the internet, devices must be protected. These devices are an essential tool for accessing data, but that possibility also brings threats.
Smartphones, tablets, laptops, and PCs must have up-to-date software and firmware versions. Performing periodic updates is crucial to keeping systems secure. Configure operating systems, programs, smartphones, and applications to receive automatic updates, so you don’t have to worry about handling this task manually.
4. Alert Teams to the Precautions to Take against Threats
Raise awareness among your employees with training sessions and define best practices to help them protect themselves against threats. Organize recurring events to educate teams about the dangers of, for example, clicking on suspicious links. 90% of attacks come from malicious emails and are caused by user negligence.
5. Establish a Routine for Creating Backups
Imagine arriving at work in the morning, turning on the computer, and the information you usually access, such as client details, budgets, orders, and payments, is blocked or simply disappeared.
We all know how important periodic backups are, but the truth is that this issue is neglected by many organizations. Just as we understand the importance of car insurance or health insurance, it is crucial to implement a backup solution that ensures the execution of backups and, more importantly, allows for the restoration of information if necessary.
However, this type of copy is not always the most effective, as malware can also transfer to devices. Currently, there are many providers and teams specializing in cloud backup solutions. These services allow for the configuration of automatic copies and free SMEs, usually with fewer human resources and IT know-how, from the need to deal with these issues.
As mentioned earlier, the shortage of IT professionals with knowledge in the field of Cybersecurity is a major obstacle for SMEs, making them more vulnerable to cybercrime threats.
If this is your case, know that Pontual is a reference partner in cybersecurity, systems, and hardware solutions, with a portfolio of over 700 protected clients. We work with renowned international brands and players such as Microsoft, WatchguardOne, and Acronis, and thanks to our branches spread across the country, we have a range of intervention that covers the entire continental national territory.
Contact us for more information.
