When a small business owner is faced with the responsibilities of production economics, financial reports and marketing all at the same time, cybersecurity can often appear complicated and, at times, unnecessary according to a research by Kaspersky
Kaspersky, a multinational cybersecurity and anti-virus provider thinks this disregard for IT security is being exploited by cybercriminals. Kaspersky researchers assessed the dynamics of attacks on small and medium-sized businesses between January and April 2022 and the same period in 2021, to identify which threats pose an increasing danger to entrepreneurs.
According to Kaspersky, in the year 2022, the number of Trojan-PSW (Password Stealing Ware) detections in Nigeria more than doubled when compared to the same period in 2021 - 2654 detections in 2022 compared to 1076 in 2021. Trojan-PSW is a malware that steals passwords, along with other account information, which then allows attackers to gain access to the corporate network and steal sensitive information.
Kaspersky says another popular attack tool used on small businesses is internet attacks, specifically, web pages with redirects to exploits, sites containing exploits and other malicious programmes, and botnet C&C centres, among others. While the number of these attacks decreased in the first four months of 2022 in Nigeria (56,836 infections in 2022 compared to 99,146 infections in 2021), internet attacks are still a concern and need to be protected against.
With the shift towards remote working, many companies have introduced the Remote Desktop Protocol (RDP), a technology that enables computers on the same corporate network to be linked together and accessed remotely, even when the employees are at home. The number of attacks on RDP has increased significantly in Nigeria, by 89%. In the first four months of 2021, there were 161,000 RDP attacks detected and blocked by Kaspersky in the country. For the same period in 2022, the number has risen to 303,500 attacks.
Having a special security solution enables attack visualisation and provides IT administrators with a convenient tool for incident analysis. The faster they can analyse where and how a leak occurred, the better they will be able to solve any negative consequences. Kaspersky recently unveiled their new edition of endpoint security cloud, dubbed Kaspersky Endpoint Security Cloud Pro, which is said to contain capabilities, including automated response options and an extended set of security controls in a single solution. The Pro version also includes built-in training for IT workers seeking to boost their cybersecurity skills and make the most out of their specialised security products.
The updated Kaspersky Small Office Security is a key tool for startups, small online stores and local businesses with limited IT capabilities to keep all of their work devices protected, safely transfer any valuable business-related files and avoid falling victim to ransomware.
“With the shift to remote working and the introduction of numerous advanced technologies in the daily operations of even small companies, security measures need to evolve to support these sophisticated setups. Cybercriminals are already way ahead of the curve, so much so that virtually every organisation will experience a breach attempt at some point,” commented Denis Parinov, security researcher at Kaspersky.
“For small companies today, it's not a matter of whether a cybersecurity incident will happen but when. Having trained staff and an educated IT specialist is no longer a luxury but a must-have part of your business development,” Denis added.