In our last blog post we looked at various web attack methods, threat updates and where cyber criminals were focusing their efforts.
In part 2 of this series based on the 2016 Cisco Annual Report we want to focus on 3 main areas that are being exploited – Data encryption, WordPress web sites and the IT Security infrastructure vulnerabilities.
These are 3 particularly important aspects of IT Security for SME businesses.
A False Sense of Encrypted Security
Customer details form the cornerstone of any business however in 2015 there seemed to be a false sense of security when it came to encryption. Encrypted traffic, specifically HTTPS, is fast becoming the dominant form of traffic (in fact it accounts for over 50% of all bytes sent over the Internet).
Both sending and storing data have been identified as two ways SMEs become victims of cyber attacks. Cisco found that a number of businesses simply don’t encrypt the data that they store on their internal network. Cyber attackers are establishing ways to circumvent encryption, stealing data at rest and encrypting it while routing it to known malware locations.
For SMEs it means point solutions alone (such as Anti-Virus and Perimeter Firewalls) are becoming less effective and an integrated threat defence is a must for identifying emerging threats.
Compromising Security Through WordPress
Within the SME sector WordPress has emerged as a pivotal platform to build and maintain websites. This has also benefitted attackers who see it as a cost effective way to launching ransomware, bank fraud and phishing attacks.
Dormant WordPress sites are now being used more extensively as relay agents and the number of WordPress domains that were adopted for this purpose by malicious groups increased by 221% between February and October 2015.
Poorly maintained sites are being exploited too as a result of weak security. This can be using an outdated version of WordPress that isn’t up to date security wise, inadequate admin passwords or running plugins that are missing the latest security patches.
Web security that analyses traffic coming from WordPress websites is a must going forward in 2016.
Creating Updated Infrastructure Resilience
Many organisations who try and save money neglect to update their security infrastructure and this leaves them wide open to security compromises.
Cisco found that 92% of the sample they ran on various internet enabled infrastructure devices were vulnerable from a security standpoint and 8% had reached their end of life making the more vulnerable to exploits. Put simply, organisations are failing to properly upgrade their security infrastructure.
The big point to take away from this from a SME perspective is to be proactive regarding IT security rather than only acting when this security is infiltrated.
Are SMEs Really the Weak Link?
We mentioned in our previous post that SMEs can be seen as a weak link when it comes to IT security.
SMEs are less likely to use incident response teams or outsource their security operation to security experts. Another report showed that 33% of UK organisations handle their security internally while this figure drops to 20% for other countries.
These two aspects alone make them increasingly vulnerable to cyber attacks and data compromises with only 51% of companies that have 500 or fewer employees actively patching and upgrading their security.
The fact that SMEs are also less likely to have experienced a major data breach up to this point makes them unprepared to know how to respond and also how to prevent it happening in the future. According to a recent government report the average cost of an IT security breach for an SME can rise to as high as £310,800 which can have devastating financial effects for the business.
In the third part of our series we are going to look at what the future holds for IT security in 2016 and beyond.