TTO – In 2020, small and medium enterprises suffered 43% of cyber attacks, with an average loss of more than 4.2 billion VND. Many risks continue to lurk in 2021. According to predictions of many security companies about the cybersecurity situation for businesses – especially small and medium enterprises (SMEs), in 2021, cybercriminals will continue to attack, especially micro-enterprises and family businesses that do not have much money to invest in materials or hire information security personnel.
Malicious code that encrypts data demanding ransom (ransomware)
The type of malware that “extorts” businesses has flourished in 2020. They have expanded their attack targets from businesses to hospitals, medical and financial organizations, and essential infrastructure agencies in order to increase pressure and ransom value.
However, the level of understanding and vigilance about this type of malware among small, medium, and micro enterprises is still very limited.
A report from Coveware shows that Ransomware “favors” SMEs with less than 100 employees, with the number of attacks on this group accounting for 55%. They not only encrypt data for ransom but also blackmail victims to avoid having that data published online.
Phishing via email and mobile text messages
Statistics from Abnormal Security show that the number of phishing emails masquerading as invoices and payments increased by 81%, with each attack causing an average loss of 81,000 USD.
It is worth noting that the method of phishing via mobile messages with links is easier to trick the victim into subjectively clicking on the link on a smartphone than on a computer, so it has begun to be exploited by hackers. waterfall.
According to Kaspersky Lab’s prediction, more and more companies are incorporating cloud platforms in their business models due to the convenience and scale they bring.
However, they are also vulnerable to attacks if they make security mistakes and do not implement appropriate cybersecurity measures, especially for businesses that are just starting to use cloud platforms.
According to cybersecurity experts, the COVID-19 pandemic forced small and medium-sized businesses to apply remote working for employees and this is a great risk to business information security.
They can access business accounts from public Wi-Fi networks that are vulnerable to attacks. The devices such as computers or smartphones they use are not as tightly protected as computers or office equipment maintained by the information technology team.
Loopholes in commonly used software such as Microsoft Office, Adobe PDF, web browsers, etc. that have not been updated with patches from the publisher are also vulnerabilities for criminals to attack the network.
Experts recommend that leaders of small and medium-sized enterprises should have a systematic plan for information security, recruit staff in charge, or hire outside services. The first step is to review the entire network system, database, equipment, and authorization of the enterprise; parallel backup offline and online on the cloud platform; Train and guide remote employees on methods to ensure safety when connecting to common business data…
Vina Aspire is a consulting company, providing IT solutions and services, network security, information security & safety in Vietnam. Vina Aspire’s team includes skilled, qualified, experienced and reputable experts and collaborators, along with major domestic and foreign investors and partners to join hands in building.
Businesses and organizations wishing to contact Vina Aspire Company with the following information:
Email: info@vina-aspire.com | Website: www.vina-aspire.com
Tel: +84 944 004 666 | Fax: +84 28 3535 0668
Vina Aspire – Vững bảo mật, trọn niềm tin
