When the pandemic first struck and countries across the globe went into lockdown, governments, businesses and communities were forced to completely recalibrate their ways of working as they learnt to adapt to this entirely unprecedented threat. Simultaneously, organisations were forced to adapt to an entirely different kind of threat.
By April 2020,* cyber attackers had started to take advantage of the instability that the pandemic had caused for businesses, hacking large, multinational corporations including the likes of Magellan Health, Marriott Hotels and the World Health Organisation.
Now in this current threat landscape, it is all but inevitable that a business will become the target of a hacker in some shape or form. To prevent malicious actors from causing irreparable financial and reputational damage, businesses must ensure that they are equipped with every preventative measure in their arsenal.
A changing threat landscape
Although large corporations were the primary target for hackers during the initial wave of the pandemic, reports* are indicating that this trend has shifted and SMBs are now most at risk from cyberattacks. Hackers have started to pivot towards smaller organisations because, although there is a lower maximum gain, they have a higher chance of success due to the lack of sophisticated security defences SMBs typically have in place.
In addition, SMBs also stand to lose the most if they are exposed to an attack. Reports show that 60% of SMBs go out of business within six months of a data breach. As a result, smaller companies have no choice but to acquiesce to ransomware requests, making them the prime target for hackers.
Similarly, just as cyber attackers have shifted their focus from larger corporations to SMBs, they have also altered their style of attacks. For example, the proportion of malicious email traffic increased from 12% at pre-pandemic levels, to more than 60% just six weeks after the UK’s first lockdown was announced.*
Even more alarmingly, cyber criminals are becoming more sophisticated in their attacks and are exploiting unknown software security flaws called ‘zero-day threats’ to threaten their victims. According to WatchGuard, Q1 2021 saw the highest level zero-day malware detections ever recorded, with approximately 74% of threats now being capable of circumventing conventional antivirus solutions.*
A style of attack that was once reserved for nation states and multinational conglomerates is now being used to hold SMBs hostage. As such, small businesses can no longer afford to have basic protection. They must develop a multi-layered protection plan in order to protect their business from the variety of threats that they are at risk of.
Advanced threats need advanced protection
Previously, most SMBs could acquire a solid level of protection from a standardised Unified Threat Management (UTM). Firewalls would successfully establish barriers against untrusted networks based on predetermined security rules. However, as the threat landscape is becoming increasingly advanced, UTMs are becoming less effective in preventing malicious attacks.
Sandboxing is an Advanced Threat Protection (ATP) technique, in which unknown file user patterns are taken into an isolated and safe environment to be contained, emulated and inspected. This process protects businesses from zero-day threats, as it executes the traffic command in an isolated environment that is separate from the core network, in order to test if it is malicious or not. If the sandbox detects a threat, it will be deleted or quarantined.
Sandboxing is an invaluable security resource for SMBs as it prevents malware from ever entering a network, offering a comprehensive level of protection that cannot be obtained from a standard UTM. Despite this, smaller businesses have historically overlooked sandboxing due to the high costs associated. But with targeted zero-day threats becoming increasingly popular, the scales have tipped. SMBs can no longer afford not to embrace a sandboxing solution.
The great sandbox in the cloud
The pandemic has also demonstrated the superiority of cloud sandboxing over appliance-based solutions, as a cloud sandboxing solution allows organisations to protect their workforce remotely.
Reports show that data breaches have increased by a third during the pandemic,* which can largely be attributed to remote working. Employees who work at home are forced to use their personal WiFi networks and personal devices that have lower levels of security in place, putting businesses at greater risk of getting their networks hijacked.
A cloud-based sandboxing solution will prevent malicious actors from accessing a business’s core network by protecting the edge network. Therefore, SMBs with remote employees should opt for a cloud-based sandboxing solution, as it creates a secure network, regardless of the employee’s location.
As long as hybrid working is the norm and sophisticated zero-day threats continue to plague businesses, SMBs have no choice but to embrace cloud sandboxing to mitigate the dangers created by remote working.
Sources: Forbes, Acronis, cybersecurityventures.com, The Guardian, help net security
Sources: Forbes, Acronis, cybersecurityventures.com, The Guardian, help net security
