Small businesses might depend on the internet for productivity and sales, but unfettered access to the web can lead to serious cybersecurity incidents. Anything from malware downloads to phishing is common on the web, and employees unable to detect and identify malicious web applications are primary targets. Small businesses often think they aren’t a target, but actually, small businesses are the perfect target for cyber-criminals. The reduced security staff, monitoring and mitigation infrastructure, and lack of cybersecurity training make small businesses a profitable target for cyber-criminal groups.
Did You Know?
businesses experienced a DNS attack
malware & spyware domains categorised a day
predefined categories by default
of websites tested by Google for malware were infected
What Threats Target Small Businesses?
A small business (SMB) often has a collection of data including customer information and personally identifiable information (PII) on employees. If the SMB collects financial information from customers, then it’s stored in a location that must follow compliance standards. Without the right security staff to ensure the protection of SMB data, the data is often stored insecurely with several vulnerabilities open for exploits.
Virtual exploits aren’t the only type of attack on an SMB system. The human element is also a vulnerability, and it’s usually the weakest link in any cybersecurity strategy. Social engineering is an effective way for threats to gain access to sensitive data. Social engineering combined with phishing email messages is another effective way for attackers to gain access to sensitive data. Even with virtual threats, most of them start with malicious email or social engineering strategies.
Phishing is one of the biggest threats to an SMB. A phishing email could contain a link to a malicious website, or it could carry a payload in a file attachment. Some phishing threats target specific people within the organization, but others send malicious payloads to as many people as possible within the organization. It only takes one person to fall for the threat to completely destroy data and productivity or allow an attacker to gain access to infrastructure to silently steal data.
Ransomware is another common threat, and it can put an SMB out of business. In a successful ransomware attack, a targeted user is tricked into running malware on their local machine. The ransomware scans the network for important files, encrypts them with an irreversible cryptographically secure cipher, and then displays a message demanding money to release access to files. Most security researchers tell SMBs not to pay the ransom, but a new way for cyber-criminals to extort money out of victims is to blackmail them with the exposure of their customers’ data. The implication is that exposing customer data will destroy SMB brand trust and cause additional strain on revenue.
Malicious web pages tricking employees into divulging sensitive information including their system credentials are another major threat to business continuity for SMBs. A sophisticated threat could land an attacker full remote control of an internal system, and it would be difficult to detect without the right monitoring solutions in place. Many of these attacks also start with phishing and social engineering.
Blocking Cybersecurity Threats Targeting SMBs with Content Filters
Most threats targeting SMBs are for monetary purposes, so it’s not uncommon for an SMB to experience several attacks every week. Most threats start with a phishing email. The phishing email contains a link to a malicious web page, usually created to look like a legitimate business website. Once the targeted victim enters credentials, the attacker uses them to authenticate into your system.
To fight these types of threats – and any threat that focuses on web-based technology – SMBs can install web content filters. Web content filters are the shields that protect users from falling victim to phishing. It’s best to have email cybersecurity that blocks malicious messages, but an added layer of security is always a good strategy. A good web content filter is an effective security layer that stops employees from accessing malicious websites.
WebTitan takes web content filtering a step further and uses DNS-based content filters. DNS is the protocol necessary on the internet to perform a lookup for the IP address associated with the friendly domain name. With DNS-based filtering, the domain is blocked when browsers perform the lookup. When the user clicks the malicious link, the browser performs the lookup using DNS, and WebTitan’s solution ensures that the domain is not listed as a malicious provider. If the domain is blacklisted, the user is unable to download anything from the malicious domain.
DNS-based content filtering is preferred over standard antivirus solutions. All SMB machines should have an antivirus installed, but DNS content filters stop employees from downloading malicious content and relying on the accuracy of an antivirus program. Should you use the former strategy, the malware will still install if the antivirus program does not block it. Zero-day threats are made to avoid antivirus detection, so it’s common for antivirus software to fail when a new sophisticated threat is released into the wild.
Blocking users from clicking malicious links in a phishing email isn’t the only advantage of DNS-based content filters. Any download triggered on a user’s computer would be blocked. Downloadable malware files also require a DNS lookup prior to accessing the file, so users would be unable to download files link in phishing email messages. Any web-based application built to trick users into divulging sensitive information is blocked with WebTitan DNS-based content filters.
Administrators can configure WebTitan to block other inappropriate content based on categories, so an SMB can block more than malicious content. Content that should not be accessed on a work computer can be blocked using WebTitan’s simple configuration dashboard. The WebTitan product runs in the cloud, so it’s also useful for managed service providers responsible for protecting customer environments.
Combining email cybersecurity with WebTitan web filtering reduces risk of phishing and social engineering to a fraction of what you currently have within your organization without them. Employee training is effective in reducing risk, but it still leaves your data protection to human intervention, which is proven to be a viable way to bypass security infrastructure. With WebTitan, employees are given an added layer of security so that your organization is much more secure from attackers.
Susan Morrow
- DNS FILTERING
- WEB FILTERING
- CONTENT FILTERING