How vulnerable are SMEs to Cyber Threats

The Singapore government sent shockwave throughout the industry when it announced in Jun 2016 the separation of internet surfing computer terminals with internal computer operations for the public sector. 

While this brings inconveniences to public sector employees, the solution could mitigate cyber threats, especially through accidental virus induction.  Such inadvertent introduction of malware occurs in the private sector too.

The Straits Times ran a report which interviewed industry players that one of the concerns raised was that SMEs are ‘soft targets' by cyber criminals.

In a report¹ by United Nations on cyber crime and SMEs, a survey conducted in several European countries pointed to a common mentality among the small and medium business owners and managers;

·                SMEs never thought they could become victim of cyber crime

·                SMEs find it hard to perceive cyber threats and their survival

·                SMEs that collaborate with major corporations are easy targets for criminals who wish to enter large corporations via backdoor

A UK company for example, MNH Platinum² had 12,000 files encrypted via ransomware and hackers demanded 3,000 pounds in ransom.  They money was subsequently paid up.

Gary11.png

The SMEs environment in Singapore faces identical situation.

The WannaCry ransomware wreaked havoc several months ago and going by anecdotal evidence, many affected SMEs went unreported.  It is not known how many got infected and how many paid up.

Ransomware is one of the techniques for cyber criminals to earn money at someone's expenses.

Hackers would find the most efficient ways to do so.

¹ http://www.unicri.it/news/files/Research-Guidelines_for_IT_Security_of_SMEs-Flavia_Zappa_FINAL.pdf

² https://www.theguardian.com/small-business-network/2016/feb/08/huge-rise-hack-attacks-cyber-criminals-target-small-businesses

 

 

Gary Tan