Cyberattacks have steadily increased in frequency and magnitude in recent years, with large-scale incidents garnering national attention. While many think that cybersecurity concerns are limited to major corporations, small- and medium-sized businesses are just as susceptible to these threats—they may even be more susceptible since they often lack a significant cybersecurity budget. Each year, small businesses account for 43% of cyberattacks, and 46% affect small businesses with 1,000 or fewer employees.
Despite this prevalence, 56% of small business owners said they are not concerned about becoming the victim of a cyberattack. Whether your company has 5 or 5,000 employees, it is imperative to recognize the risks and learn how to combat them. Here are three cyberattack trends expected to rule 2024 and the protective measures your business should know.
1. Social engineering
Cyberattacks that capitalize on human error are steadily on the rise. Social engineering involves attacks that rely on psychological and emotional manipulation rather than technical or digital system vulnerabilities. MGM Resorts International is one of the newest and most notable victims of a crippling cyberattack that stemmed from social engineering, showcasing the risks of gambling with your IT security.
A major hacking group allegedly accessed MGM's network after finding an employee on LinkedIn and successfully impersonating that employee by calling their help desk and requesting access. As a result of the attack, MGM:
Although it's coined as a newer concept, social engineering has plagued the world for decades. From its humble origins as rudimentary scam efforts, it has grown into large-scale endeavors where hackers use the power of persuasion to access information and systems with bad intentions. Jason Monroe, Director of Solution Consulting at Bit-Wizards, describes it as the latest evolution of ridiculous email schemes that still manage to claim plenty of victims.
"At its core, social engineering is the more advanced version of emails you'd get from a Nigerian prince asking for help transferring a large sum of money," Monroe says. "It's a tried-and-true method that's continued to change as the internet expands."
While more formidable hacker groups that pursue major companies get the most attention, small-scale hackers that target small- and medium-sized businesses are more prevalent than many expect. Using fake calls or emails from major companies like Microsoft or Facebook, hackers utilize social engineering to gain the trust, information, and advantage needed to execute a successful cyberattack.
How can I protect my business from social engineering?
Hackers must be persuasive to use social engineering to their advantage. Fortunately, they often lack the proof needed to confirm that their requests are genuine, so a healthy sense of distrust and hesitation can be your employees' most significant advantage. Brian Schlechter, MITS Technical Team Manager at Bit-Wizards, shares a surprisingly simple yet effective approach to handling suspicious requests.
"Ask them for a reference or ticket number, and do some investigating before you respond," says Schlechter. "If it’s a company calling, find that company's phone number or email address on their website, contact them that way, and verify that the request is legitimate."
For businesses concerned about receiving phony requests to their IT help desks, Schlechter mentions that some ticketing systems can connect with a Multi-Factor Authentication (MFA) system to verify each request. Many companies will send a one-time code via email or text that you need to verify to access your account. Help desk ticket systems can use MFA in the same way to ensure your IT team receives legitimate requests for support.
As its name suggests, ransomware involves hackers accessing a person or company's data, holding it hostage through encryption, and demanding a ransom payment to unencrypt it. According to the IBM Security X-Force Threat Intelligence Index 2023, ransomware attacks accounted for 17% of cyberattacks in 2022. In one of 2023's more prominent ransomware attacks, Caesars Entertainment paid a roughly $15 million ransom after hackers acquired a copy of customer data, including driver's licenses and Social Security numbers.
The severity of a ransomware attack relies on the type of information a hacker can access. Many believe that ransomware attacks happen without a trace and capture sensitive information, but there are ways to detect them. Monroe says these major instances are more detectable and hands-on than traditional encryption since it takes significant resources to get into someone’s computer, exfiltrate copies, and encrypt data.
Signs of a possible ransomware attack in progress include:
- Increased bandwidth usage
- Unusual international server connections
- Maxed-out server resources
Although many believe paying hackers is the best and easiest way to rescue their data, there's no guarantee that a company's data will be fully repaired. On average, businesses only restore 65% of encrypted data even after their ransoms are paid. Despite the seemingly straightforward premise, Schlechter explains that attempting to fix data after paying a ransom is far from simple.
"More likely than not, you've used technology before that didn't do what it was supposed to," Schlechter quips. "Hackers aren't going to act like tech support and walk you through the process of recovering your data, nor will they care about whether you can fix it."
What can I do to defend against ransomware?
While there are some measures you and your employees can take to protect against ransomware, you may not be able to stop every attempt. Business owners must establish, test, and maintain proper backups to be resilient during and after a ransomware attack. The best way to develop secure backups is in a "pull" format, where backups pull information from your server. In a pull configuration, backups cannot be accessed even if your server is impacted by ransomware.
"If you get ransomware that encrypts your data, it's no big deal if you have working backups," says Schlechter. "As long as hackers haven't exfiltrated your data, you can wipe everything, restore from backups, and carry on as usual."
On top of establishing backups, employee training is a crucial component of your company’s cybersecurity defenses. Relevant training should cover:
- Understanding the dangers of ransomware
- Identifying signs of phishing or malware attempts
- Avoiding suspicious downloads or links
- Maintaining updated software
- Using removable storage properly
- Reporting concerns to IT staff
3. MFA spamming
While MFA is a great protective asset that can help defend against social engineering, hackers have leveraged its drawbacks in a newer cyberattack variety. Also called MFA fatigue attacks, MFA spamming depends on employees approving verification requests without understanding the context of the prompt or considering whether they initiated them. While it's an effective security measure when used properly, hackers can leverage inconvenience to breach your account or network by overwhelming you with requests and hoping you accept one.
In one of the more significant incidents, Uber fell victim to an MFA hack in 2022 after a hacker leveraged MFA spamming, used WhatsApp to impersonate Uber IT support, and convinced a contractor to accept the verification request. While Uber claimed the impact was minimal, the real damage came from the hacker showcasing their ability to access Uber’s network and download certain information easily.
How can I stay safe from MFA fatigue?
Combating MFA spamming is much easier than it seems. Employee awareness and education are crucial tools in defending against MFA spam attempts. While one-off requests may indicate a program signing out and trying to sign in again in the background, repeated requests may indicate an attempt to breach an account. In any case, Schlechter urges people to deny MFA notifications if they even slightly doubt their origins.
"The worst consequence of denying an MFA request is that nothing happens," Schlechter says. "You can always ask for a request to be re-sent, especially if you don't recognize it."
Fortifying your security with Bit-Wizards
Besides these cyberattack trends, hackers are constantly working to find a better way to wreak havoc on your business. Business owners must match that energy and dedication in proactively protecting employee and customer data. Monroe explains that partnering with Bit-Wizards is a great way to help protect your business from bad actors and teach employees to exercise caution.
"As technology evolves and hackers get more sophisticated, we must keep changing the game," Monroe explains. "It's always going to be about who has the better mouse trap, and our team has over 20 years of experience staying ahead to protect our clients."
Our Managed IT Services (MITS) equip businesses with a full arsenal of security features like advanced threat protection, alert monitoring, regular backups, and more. With the MITS team at Bit-Wizards, you can relax knowing your business has a cost-effective, comprehensive solution that boosts security while enhancing productivity.
Ready to fortify your IT? Get in touch today.