The Latest SMB Data Breaches and How to Avoid Them

Recent Data Breaches Targeting SMBs

Data breaches targeting small and medium-sized businesses (SMBs) have been on the rise. Unlike large enterprises, SMBs often lack the resources and expertise to implement robust cybersecurity defenses. This makes them an attractive target for cybercriminals.

Some of the latest major data breaches impacting SMBs include:

• RansomHouse: This 2022 breach exposed data from over 1,000 companies after ransomware group RansomHouse infiltrated Kaseya, an IT management software provider. Many of Kaseya’s customers are SMBs. The attackers encrypted networks and demanded ransoms.

• REvil: The Russia-linked REvil cybercrime ring breached over 20 Texas municipalities and Johannesburg city systems in 2019. They demanded large ransoms to decrypt the data. Most victims were smaller local governments with limited security budgets.

• Maze: Maze ransomware operators claimed to steal data from hundreds of companies in 2020. They published data from victims who refused to pay the ransom, including SMBs like appliance parts distributor Konica Minolta Business Solutions and Canadian agricultural manufacturer Nutrien Ag Solutions.

Why SMBs Are Attractive Targets

SMBs often have data that is just as sensitive as large enterprises, but lack equivalent security. Reasons SMBs struggle with cybersecurity include:

• Limited resources: SMBs have smaller security budgets and fewer specialized IT security staff compared to large companies. High-level security tools and services can be cost-prohibitive.

• Legacy systems: SMBs often utilize dated legacy systems and software which contain unpatched vulnerabilities that criminals can exploit. Upgrading these systems is complex and expensive.

• Lack of employee training: SMB employees often do not receive comprehensive cybersecurity awareness training. Simple human errors like phishing are a leading root cause of breaches.

• Weak vendor management: SMBs tend to have less oversight of third-party vendors that access their networks and data. Vendor negligence is a major source of data exposure.

Best Practices for SMB Cybersecurity

Though SMBs face challenges, following cybersecurity best practices can greatly reduce risks:

Enable Multifactor Authentication

Adding an extra step to logins via multifactor authentication (MFA) secures access in case of stolen credentials. MFA options like biometrics, security keys, and one-time codes protect against brute force attacks.

Install Endpoint Detection and Response Tools

EDR software continuously monitors networks, detects threats, and can automatically respond to contain the damage. EDR optimized for SMB budgets provides advanced protection without high costs.

Provide Staff Security Awareness Training

Training employees to spot phishing attempts, create strong passwords, avoid risky websites, and follow data handling policies greatly improves security posture. Tailored simulated phishing exercises help measure staff readiness.

Encrypt Sensitive Data

Encrypting data, communications, and devices protects confidential information if it falls into criminal hands. Free public key encryption options are available.

Implement Backup and Recovery Systems

Backups allow recovery of encrypted or deleted data and systems without paying ransoms. Test backups regularly for reliability. Store backups offline to prevent access during an attack.

Conclusion

SMBs continue to suffer data breaches from ransomware, phishing, and other attacks. By implementing fundamental best practices like MFA, staff training, encryption, EDR tools, and backup systems, SMBs can gain affordable and effective security against modern cyber threats. Proactively improving cyber hygiene reduces risks and helps SMBs avoid becoming the next victim.