Retail

Cyber security pitfalls and how negligence can be expensive for MSMEs


Micro, Small and Medium Enterprises (MSMEs) form the cornerstone of the Indian economy, with 633.9 lakh registered MSMEs and growing in number. But new companies entering the digital economy to expand their business can also become an easy target for malicious cyber criminals who can exploit critical vulnerabilities in their IT systems to launch attacks that can cripple their operations.

Because smaller businesses cannot afford to invest in sophisticated cybersecurity systems, they are more vulnerable to spam and phishing scams, distributed denial-of-service (DDoS) attacks, ransomware threats or a corporate account takeover (CATO).

In this article I will give you a quick introduction to these threats faced by MSMEs today, and discuss some ways in which companies can combat and protect themselves against these increasingly common security breaches in today’s Internet landscape.

Spam and Phishing Scams
India is the third most targeted country for phishing attacks across a global list of 111 countries, with cybercriminals stealing over 50 million passwords and thousands of financial login data sets from Indian users in the first seven months of 2022 alone. Attackers use phishing emails to trick employees into installing malware or sharing credentials providing access to the corporate network.

With malware available on lease the technical barrier for entry is low — even beginner scammers can use software built by third parties to steal and sell sensitive data on the dark web. Researchers estimate that the value of stolen data and compromised card details obtained through spam and phishing attacks exceed $5.8 million in the underground market.

Readers Also Like:  A world desperate for sugar sees it pile up in Brazilian ports

What is even more worrying is that attacks of this nature have jumped by 220% during the pandemic. A majority of phishing sites use brand names like Amazon, Paypal, Apple, WhatsApp, Netflix, Instagram and MS Office to target MSMEs and individuals who do not have the protections large corporations have.

Ransomware Attacks
Ransomware attacks are also on the rise, with 70% of Indian firms hit by ransomware disruptions in the last three years. By 2031, statistics show that there will be a ransomware attack every two seconds, so there is a need for urgent precautionary methods and technical safeguards.

As MSMEs move to the cloud to accelerate their digital transformation journey they run the risk of greater cyberattacks on the cloud. Security experts estimate that smaller organisations using Infrastructure as a Service (IaaS) are particularly vulnerable to these sorts of cyber extortion attempts when Ransomware does not allow employees to access files on their computer, it encrypts the files and demands a ransom payment for the decryption key.

Google Cloud includes built-in security and resiliency controls to help protect customers against ransomware attacks. These controls include global infrastructure designed with security throughout the information-processing lifecycle and tools like Mandiant which is an advanced level of security breach prevention solution.

DDoS (Distributed Denial of Service)
This category of malicious cyber-attacks that hackers use to make an online service, network resource or host machine unavailable to users online. This category of attacks is growing significantly across the world, with India ranking 2nd as the largest originator of HTTP-based DDoS traffic attacks, after China.

Readers Also Like:  Food prices resume decline despite lingering supply threats

CATO (Corporate Account Takeover)
CATOs or corporate account takeovers occur when cyber criminals gain control of systems within organisations by stealing sensitive employee credentials and information. Criminals can then initiate fraudulent money transfers and process transactions through the automated clearing house networks or ACH to any account.

The Chronicle framework offered as part of the Google Cloud Platform is a layer built on top of core Google Infrastructure which secures MSMEs from the twin threats posed by CATO & DDoS.

As the nature of threats continues to change and malware creators use increasingly hard-to-detect and sophisticated, new technologies to threaten vulnerable MSMEs, enterprises like Shivaami are focused on providing the latest cybersecurity tools on the Google Cloud Platform to combat these potential attacks.

The writer is CEO and MD Shivaami

ETRise MSME Day 2022 Mega Conclave with Industry Leaders. Watch Now.



READ SOURCE

This website uses cookies. By continuing to use this site, you accept our use of cookies.