Top 5 Cyberthreats SMEs Need To Watch Out For In 2023

Small and medium-sized enterprises (SMEs) are great contributors to the global economy. According to the World Trade Organization, SMEs represent more than 90 per cent of all businesses worldwide.

Due to cyberattacks, businesses may lose confidential information, finances, valuable market share – and there are plenty of ways criminals are trying to reach their goals. Small enterprises consider a cybersecurity incident as one of the most challenging types of crises. Kaspersky experts analysed vulnerable points SMEs might have and outlined some major cyberthreats for entrepreneurs that they must be aware of in 2023.

1. Data leaks caused by employees

There are different ways a company’s data may be leaked – and, in certain cases, it might happen involuntarily. During the pandemic, many remote workers used corporate computers for entertainment purposes, such as playing online games, watching movies, or use e-learning platforms – something that continues to pose financial threats to organisations. This trend is here to stay, and while during 2020 (the year of the pandemic), 46 per cent of employees had never worked remotely before, now two-thirds of them state they wouldn’t go back to the office, with the rest claiming to have a shorter office work week.

The level of cybersecurity after the pandemic and initial adoption of remote work by organisations all together has improved. Nevertheless, corporate computers used for entertainment purposes remain one of the most important ways to get initial access to a company’s network. Looking for alternative sources to download an episode of a show or a newly released film, users encounter various types of malware, including Trojans, spyware and backdoors, as well as adware.

According to Kaspersky statistics, 35 per cent of users who faced threats under the guise of streaming platforms were affected by Trojans. If such malware ends up on a corporate computer, attackers could even penetrate the corporate network and search for and steal sensitive information, including both business development secrets and employees’ personal data.

2. DDoS attacks

Distributed Network Attacks are often referred to as Distributed Denial of Service (DDoS) attacks. This type of attack takes advantage of the specific capacity limits that apply to any network resources – such as the infrastructure that enables a company’s website. The DDoS attack will send multiple requests to the attacked web resource – with the aim of exceeding the website’s capacity to handle multiple requests and prevent the website from functioning correctly.

Attackers resort to different sources to perform acts on organisations such as banks, media assets, or retailers – all frequently affected by DDoS attacks. Moreover, DDoS attacks on online retailers tend to spike during holiday seasons, when their customers are most active.

There is also a growing trend towards gaming companies gaining scale. The North American data centers of Final Fantasy 14 were attacked in early August. Players experienced connection, login, and data-sharing issues. Blizzard’s multiplayer games — Call of Duty, World of Warcraft, Overwatch, Hearthstone, and Diablo: Immortal — were also DDoSed yet again.

Many DDoS attacks go unreported because the payout amounts are often not terribly big.

3. Supply chain

Being attacked through a supply chain typically means a service or program that an organisation has been using for some time has become malicious. These are attacks delivered through the company’s vendors or suppliers – the examples can include financial institutions, logistics partners, or even a food delivery service. And such actions may vary in its complexity or destructiveness.

For example, attackers used ExPetr (aka NotPetya) to compromise the automatic update system of accounting software called M.E.Doc, forcing it to deliver the ransomware to all customers. As a result, ExPetr caused millions in losses, infecting both large companies and small businesses.

Another example is CCleaner, one of the most famous programs for system registry cleaning. It is widely used by both home users and system administrators. At some point, attackers compromised the program developer’s compilation environment, equipping several versions with a backdoor. For a month these compromised versions were distributed from the company’s official websites, and downloaded 2.27 million times, and at least 1.65 million copies of the malware attempted to communicate with the criminals’ servers.

4. Malware

If one downloads illegitimate files, they have to make sure these files do no harm. The most emerging threats are the encryptors that chase a company’s data, money, or even personal information of its owners. To support this, it’s worth to mention that more than a quarter of small and medium-sized enterprises opt for pirated, or unlicensed software to cut costs. Such software may include some malicious or unwanted files that may exploit corporate computers and networks.

Additionally, business owners must be aware of access brokers as such layers of groups will cause SMEs harm in a variety of ways in 2023. Their illegal-access customers include cryptojacking clients, banking password stealers, ransomware, cookie stealers, and other problematic malware. One of the examples is Emotet, malware that steals banking credentials and targets organisations around the world. Another group that targets small and medium-size enterprises is DeathStalker, best known for its attacks on legal, financial and travel entities. The group’s main goals rely on looting confidential information regarding legal disputes involving VIPs and large financial assets, competitive business intelligence as well as insights into mergers and acquisitions.

5. Social engineering

Since the onset of the COVID-19 pandemic, many companies have moved much of their workflows online and learned to use new collaboration tools. In particular, Microsoft’s Office 365 suite has seen a lot more use — and, to no one’s surprise, phishing now increasingly targets those user accounts. Scammers have been resorting to all sorts of tricks to get business users to enter their passwords on a website made to look like Microsoft’s sign-in page.

Kaspersky has uncovered many new ways how phishing scammers are trying to fool business owners, which sometimes turn out to be quite elaborative. Some are mimicking loan or delivery services – by sharing false websites or sending emails with fake accounting documents.

Some attackers masquerade as legitimate online platforms to get profit out of their victims: it may be even quite popular money transfer services, such as Wise Transfer.