Three SMB Cybersecurity Statistics

New data shows that small and medium-sized businesses (SMBs) are at greater risk of a cybersecurity incident, statistically least prepared, and are being attacked at a greater rate. SMB cyberattacks are underreported; they are not making headlines for breaches like larger corporations are. Additionally, large corporations continue to invest in the latest practices like zero trust and layered security systems. SMBs used to be largely ignored as too small of targets, but criminals are opportunists, and more frequent small attacks are the current trend.

Cybercriminals are pivoting to SMBs as smaller but easier targets. SMBs account for 43% of cyber attacks, and studies show that the number is growing. Criminals are also using more targeted, sophisticated attacks against SMBs that were previously reserved for large clients. Whale phishing, a term once used to describe a highly researched and sophisticated attack targeting senior executives, has largely gone by the wayside. Criminals are now using the same tactics, with the help of AI and publicly available information, to target employees at all levels. SMBs typically lack the resources for cybersecurity or do not prioritize it the way larger businesses do.

When incidents do occur, many SMBs choose not to report them to law enforcement because they fear negative press or backlash from their customer base resulting in further loss of revenue. 60% of SMBs are forced out of business six months after a security breach, so their concern over the loss of revenue is valid. Unfortunately, this trend impedes the US Justice Department Cyber-Digital Task Force from doing its job and stopping further attacks.

Only 14% of SMBs rate their ability to handle a cybersecurity incident as highly effective, and 47% of SMBs self-report that they do not understand how to protect themselves against an incident. Quanexus specializes in SMB cybersecurity and can adapt to individual business needs, including financial and healthcare businesses. Reach out today if you have questions about the services we provide to see if we would be a good fit for your business.

Quanexus IT Support Services for Dayton and Cincinnati

Request your free network assessment today. There is no hassle or obligation.

If you would like more information, contact us here or call 937.885.7272.

Follow us on Facebook, Twitter and LinkedIn and stay up to date by subscribing to our email list.

Posted by Charles Wright in Cybersecurity, Information Security, Small Business

Supply Chain Compromise

As businesses become more interconnected, there is an increased risk of a cyber attack originating from a third-party vendor. In 2022 there were 40% more supply chain attacks than malware attacks, so the need for security between businesses is becoming a greater concern. Supply chain compromise is an attack that originates from a vendor, supplier, or employee through the devices or software used in manufacturing and distribution. This tactic is used instead of targeting individual end users because the opportunity for compromise and data collection is much greater.

The Voice over IP (VoIP) vendor 3CX is in the news because of a supply chain attack that was passed on to its customers. The malicious code was distributed to desktop computers through an automatic update but originated from another supply chain compromise in an interesting and informative way. The attack is already being cited as on the same scale as the SolarWinds attack. Investigators said the attackers have ties to North Korea and were interested in gathering data instead of encryption for ransom.

Supply chain attacks from third-party software vendors are difficult to detect because, as in this case, the vendor has control of company systems and decides when they push out an auto-update. 3CX investigated the compromise and disclosed that one of their employees downloaded out-of-date software used to trade stocks to their personal computer. The stock trading software was compromised, and the attackers were able to gain 3CX credentials and move laterally through the systems to create a malicious software update that would be distributed to the 3CX customers.

There are a couple of red flags from this early reporting and disclosure. Hackers were able to steal company credentials from an employee’s personal computer, and once inside, they could move laterally around the system with access to software updates. Without more information, it sounds like the principle of least privilege should be added to the layered security system. Employees should only have access to the data they need to do their job. If hackers could move through the system at will, initial reports suggest segmentation is not in place in the data security practices either.

Posted by Charles Wright in Back to Basics, Cybersecurity, Information Security, Recent Posts, Small Business

Cyber Insurance Raising the Bar

Many small and medium-sized businesses are still on the fence about the cost and benefits of cyber insurance, but for those companies who are taking the leap, the process is drastically improving their security discipline. The growing concern over cybersecurity over the past few years has convinced over 25% of small and medium-sized businesses (SMBs) to add cyber insurance to their security portfolio. The cost of a ransomware incident, production loss, and public reputation are contributing factors to SMBs turning to cyber insurance. However, about 58% of businesses still question the cost/benefit value of the service.

Security professionals, however, are seeing an unexpected benefit of the cyber insurance wave; businesses have to increase their level of security and security practices to be approved for insurance. Cyber insurance companies have been hit hard over the past few years with the increase of ransomware; the average cost of a compromise was $9.4 million in 2022. Insurance companies quickly discovered many SMBs were using outdated security controls that were easily compromised. The result is much higher standards in order to qualify for insurance in 2023. Companies must demonstrate a high level of layered security through extensive documentation and agree to maintain that level of security to keep coverage.

What this means for SMBs who seek cyber insurance is they have a much greater defense against cyber threats by participating in the auditing process. Then, if a cyber event does occur, they have insurance coverage to fall back on. Many small businesses do not have the internal resources capable of completing the cyber insurance process, so they consult with an MSP like Quanexus. The Quanexus Q-stack is an example of the kind of layered security insurance companies are looking for a small business to demonstrate. If your business is ready to join the 25% and explore cyber insurance, please reach out to us and see if we are a good fit for your needs.

Posted by Charles Wright in Cybersecurity, Information Security, Small Business

BEC Overtakes Ransomware

A new study found that Business Email Compromise (BEC) rose to the most popular attack vector surpassing ransomware in 2022. The increase in email compromise has been attributed to a rise in successful phishing attacks, which went from 13% in 2021 to 33% in 2022. Phishing campaigns are becoming more sophisticated, combining publicly available information with breached data for highly tailored spear phishing attacks. Additionally, non-native speakers are using AI to compose more convincing-sounding messages that do not raise the red flags of previous years.

There are two types of BEC. First, the most common attack vector uses an email address similar to that of a coworker or business contact to trick an employee into approving an invoice or providing the criminal with information. In the second, rarer form of BEC, the criminal has access to the actual login credentials of the employee and uses their business email to steal money or information. In both cases, criminals have a highly informed understanding of the working relationship between business contacts in order to craft a believable spear phishing campaign.

A new version of this tactic is for criminals to order expensive construction materials, supplies, or hardware from a vendor impersonating a client they commonly do business with. Through the use of Net-30 or Net-60 payment terms many industries operate under, criminals can make off with the materials long before the company questions the transaction.

From a security standpoint, employees should be aware that BEC attacks are on the rise and should be encouraged to flag orders that appear out of the ordinary. Businesses should confirm orders through known client phone numbers and never phone numbers listed in the suspected email. Email filtering can help reduce BEC attacks that use outside domains. Lastly, users should be reminded not to click links in emails but type the known URL into a browser directly.
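As an added illustration of the email filtering mentioned above (not from the original post and not Quanexus tooling), this Python example classifies a From header against the first type of BEC: a sender address that resembles a known contact. The allow-listed domains, the contact directory, the character substitutions and the edit-distance threshold of 2 are all assumptions constructed for the example.

```python
from email.utils import parseaddr

# Constructed allow-list: domains the business really exchanges mail with.
KNOWN_DOMAINS = {"example-supply.com", "acme-builders.com"}
# Constructed directory of known contacts: display name -> real address.
KNOWN_CONTACTS = {"dana reyes": "dana.reyes@acme-builders.com"}
# Digits commonly swapped for letters to imitate a domain visually.
HOMOGLYPHS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance using two rows of the DP table."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def normalise(domain: str) -> str:
    """Fold look-alike characters ("1" for "l", "rn" for "m") together."""
    return domain.lower().translate(HOMOGLYPHS).replace("rn", "m")

def classify_sender(from_header: str) -> str:
    """Return known, lookalike, name-mismatch, external or malformed."""
    name, addr = parseaddr(from_header)
    name, addr = name.strip().lower(), addr.lower()
    _, at, domain = addr.rpartition("@")
    if not at or not domain:
        return "malformed"
    if domain in KNOWN_DOMAINS:
        # Known domain, but the display name belongs to a different mailbox.
        expected = KNOWN_CONTACTS.get(name)
        return "known" if expected in (None, addr) else "name-mismatch"
    for known in KNOWN_DOMAINS:
        # Threshold 2 is an assumption; short domains may need a tighter one.
        if normalise(domain) == normalise(known) or edit_distance(domain, known) <= 2:
            return "lookalike"
    # A known contact's name arriving from an unrelated outside domain.
    return "name-mismatch" if name in KNOWN_CONTACTS else "external"
```

Messages classified as `lookalike` or `name-mismatch` are the ones to hold for confirmation through a known client phone number before an invoice or order is approved.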

Posted by Charles Wright in Cybersecurity, Information Security, Recent Posts, Small Business