In this guide we will talk about cybersecurity for small-network operators.
Here, you will learn about:
- What are the current threats small-network operators face
- Why some small-network operators don’t take cybersecurity seriously
- Why small networks are becoming a more frequent target for cyber-criminals
- Practical tips for increasing the security of your network
We expect to notice cybersecurity news. The screamer headlines jostle for our attention, coming in waves via print, electronic, and social media. But aren’t cybersecurity exploits just part of our modern world, the problem of mid-sized and enterprise companies?
Not anymore.
You might be working with outdated ideas about cybersecurity and how to maintain it. Yes, larger companies have been juicy targets of cyber attackers. But the damage caused by these exploits is getting closer to home network and microbusiness users.
In fact, the federal government has started gathering small business cyberattack data. The days of cybersecurity innocence of small-network operators (SNOs) are gone forever. It’s time to wake up and read the FBI data.
What is cybercrime risk? It’s the probability that hackers or cyberattackers will use advanced software techniques to get into your data or disrupt your business or personal devices.
Given the amount of uncertainty and concern that cybercrime produces, you’d expect a good amount of security-related awareness and concern among all businesses. But you’d be wrong. When it comes to microbusinesses, there’s little awareness and concern in the U.S.
Several of our guides have focused on the IT operations of families, solo practitioners, microbusinesses, and smaller professional practices. All of these groups include 10 or fewer people and operate small networks connected to the internet. In our lexicon, that makes them SNOs.
Statistics show that SNO security concerns differ from those of larger companies. There’s a lot of cybercrime activity going on, but there’s far less concern in smaller companies.
For example:
Source: FCC
This odd indifference to security awareness and concern reflects unusual circumstances and belief in security-related myths.
During the height of the pandemic, Google blocked as many as 18 million pieces of COVID-themed malware and phishing emails every day. It takes just one virus or bit of bad email to get through the filters and convince a remote worker to click a link. And voila! An organization of any size must deal with the prospect of a crippling ransomware outage.
Also, most microbusinesses and individuals don’t realize that they are targets of cybercrime. It’s easy for small-network operators to assume that because their business uses antivirus software and other security controls, they are safe from attack.
This mistaken idea is part of a strange mythology, which includes ideas such as:
If that were ever true, it isn’t now. Changes in technology and cyberattack methods have changed this. Everyone with a credit card or healthcare program number can contribute to cybercrime returns. Cyber attackers can make money out of hacking individuals, whose user credentials are a primary target. When individuals are compromised, attackers can access corporate systems, hijack computers and web servers for botnets, and commit fraud by using stolen online identities.
Our research into dark web market prices revealed that the most-often sold items are those of individuals or small businesses.
There are many reasons why cybercrooks view SNOs as easy pickings. They include:
Technology also plays a role in tipping the balance of modern cybercrime in favor of the bad guys.
Two quiet but significant changes in IT changed the security landscape for SNOs. These include the:
Big data speed and volume. Several years ago, when companies commercialized big data analytics products and services, the ability of internet-connected devices to process huge volumes of data quickly was a big part of the sales pitch.
Now, cybercriminals use high-speed, high-volume processes in a new way: to quickly gather valuable assets such as credit card numbers and healthcare data from many locations. Given the increasing value of the data—not to mention the higher information processing volume and speed—it all adds up. Before you know it, you’re talking serious money.
Monetizing via device control. But where does the money come from? Cyberattackers engage in inbound attacks when they breach a home or microbusiness network to target connected devices such as desktop computers, baby monitors, security cameras, and game consoles via the internet.
In outbound attack scenarios, bad actors use an inbound attack to take control of any number of home-based, internet-connected devices. Then, the cybercrooks remotely put the captured IoT devices to work—for themselves. The exploit can be a DDoS, malware, or Trojan attack. The goal: overpower an asset, which can generate cash or perform a task such as overpowering a utility grid.
In each case, the devices (bots) capture and automate the ability to obtain sensitive information, intercept communications, or launch attacks against other external targets, hundreds and thousands of devices at a time. And did I mention that AI often guides the process to ensure smooth command and control? Does it sound like science fiction? I thought so too, until Princeton IT security researchers simulated an army of botnet devices attacking a power grid.
Cybersecurity attacks have always mattered to their victims, whoever they might be. They are real events that cause real pain and business damage. These losses include personal identity theft, lost proprietary information, business recovery costs, and damaged business reputations. But now, statistics show that cyberattacks are getting personal—they involve small businesses and individuals.
What happened? Why do cyberattackers bother with the little guy? Until recently, the financial gain wasn’t worth the effort of dealing with small “accounts.” The ability to operate high-speed, high-volume data searches for personal and business information has become a new type of data analytics operation.
When analysts reviewed home network activity in 2017, there was a 3:1 ratio of outbound attacks to inbound attacks. That is, there were three times more instances of home devices being used to attack the internet.
Helps to finance cybercrime infrastructure. This is the main reason why SNO-level cybercrime matters. It’s possible to combine the returns of many small exploits to finance larger cybercrime operations such as ransomware and cryptomining (the shady if not illegal practice of using other people’s electronic assets to generate cryptocurrency).
Is it possible to reduce the risk of cybercrime in a truly small business? After all, SNOs have ten or fewer employees. It’s a place where money doesn’t hang on trees, and resource allocation decisions are often hard to make. Usually, the “IT Manager” also wears one (or more) hats. In other words, there’s only so much time, effort, and money to address a problem that might turn out to be high-quality guesswork.
There is an answer to the question, “What does it take to protect my business from cyberattacks?” If you regard security as absolute (reducing risk to zero), you’re out of luck. Risk will never go away. But what if you want to reduce risk to a point where cybercrooks give up on your network ops and look elsewhere for easier pickings? Yes, you can do that. In general, your message would have to say:
“Go away. In spite of my network’s small size, I run serious security operations here. Find someone who isn’t as determined, consistent, and security-savvy as I am.”
It’s difficult to say exactly what would work because best practice recommendations for SNOs, hardware tools, and software are changing. But generally, a persuasive approach would include:
There is no doubt that setting up and maintaining even a modest security effort will take more time, effort, and cash than you would like. There is an alternative, however—a third-party security service. (We take a detailed look at this possibility next time.)
When you read the following list of cyberthreats, don’t be discouraged. Yes, the list is long, but so is the list of ways to reduce that risk. When I write about cybersecurity, the same recommendations show up again and again (I bet you’ve noticed that.) So, here’s a list of preventive measures, which will cut the risk of most SNO cyberattacks:
Notice that most of these guidelines involve behavior—yours. The others (firewall and phishing toolbars) are available at no cost online. But let’s review the major network cyberthreats and what it takes to reduce the risk of each of them specifically:
Reduce phishing risk by following the general guidelines above, especially phishing toolbars.
Reduce virus risk by following our general recommendations listed above.
Reduce the risk of fake antivirus software by following the general guidelines listed above. In addition:
Ensure that you’re leaving no gaps in your security protection by:
The burly, big brother of denial of service (DoS) exploits, DDoS attacks use up to thousands of internet-connected devices (bots) to carry out complex attacks on everything from e-commerce sites to utility grids. They create damage directly by stopping service to online users or by providing cover for other types of damaging attacks.
Reduce risk of DDoS attacks by following our general guidelines. Then, consider increasing your network bandwidth and signing up for cloud-based network support services.
Reduce risk of man-in-the-middle attacks by following our general guidelines, especially the recommendation of acquiring a good VPN.
Often, when you allow software to change your OS, a rootkit installs itself in your computer and waits for a malicious actor to activate it. Then cyberattackers can log keystrokes, steal passwords, and disable antivirus software, usually with users unaware that malware is present.
Reduce rootkit risk by avoiding their underlying causes—phishing emails, malicious links, suspicious files, and downloading software from suspicious websites.
So, why don’t SNOs take potential disruption and damage to their small-network operations more seriously? They probably haven’t been confronted with examples of the disruption and costs of microbusiness cybercrime.
Most of what we read and hear tells the story of someone else’s problem. Well, that’s changed. Now, it’s time to remember that:
Any time you hear someone claim, “But I don’t have the time, money, or staff to secure my SNO,” remember you don’t have to be a cybersecurity victim. Energy and resourcefulness can fuel a successful SNO security program.