Skip to main content

When it comes to cyberattacks, small businesses are often collateral damage

(Image credit: Image source: Shutterstock/GlebStock)

Large enterprises and international corporations are shining targets for hackers to gaze upon. From industrial espionage to ransomware, data theft is the obvious jackpot for the majority of malicious parties.

While much attention is paid to enterprise threats and risk management, there is little spoken about the risks to the thousands of small companies surrounding the locations of big corporations. This is extremely problematic when considering that many small and mid-sized businesses are now at risk of cyberattack simply by being geographically situated close to a Fortune 500.

Collateral damage is a term most often used to describe unintentional damage inflicted on an unintended target during war. Today, the phrase has real-world implications outside of physical combat. In fact, collateral damage in the cybersecurity industry defines situations in which malicious characters take aim at a big target (i.e. an enterprise), and incidentally find that while the main target is difficult to infiltrate, the smaller companies surrounding it are easy prey to breach. Ironic, because from an attackers’ perspective, there is no such thing as an unintended target, as all outcomes are considered an intended opportunity.

If done correctly and at a large enough scale, breaching small companies in the vicinity of an enterprise target may be equally as beneficial, and therefore most certainly worth the adversaries’ effort. Just like a fisherman throwing out his net, trying to catch the largest fish in the lake, when he strikes out a few times, he realises that there are so many smaller fish that his net has caught with minimal to no effort on his end.

MetLife in Manhattan as a representor of any other major corporation

Did you know that Metlife's headquarters in Manhattan has 8,740 active threats in the 5-mile radius? While Metlife has the time, money and resources to protect its assets from such threats, the hundreds of small businesses in its vicinity most certainly do not. The same is true for any major corporation, government institute, or financial establishment and its neighbours in that the large organisation has the ability to remain virtually threat-free, while the surrounding businesses are affected from attacks originally targeted at the enterprise.

Make no mistake, it’s no easy feat to effectively attack an enterprise the size of Metlife; companies of this stature are usually prepared for almost any scenario. But when attackers encounter the up-to-date top-of-the-line security blockade, they can easily identify thousands of other vulnerabilities surrounding the primary target, with much less (if any) security measures in place to stop exploitation.

Why are small businesses vulnerable in the cybersecurity ring?

Today, cybersecurity companies’ main client base is targeted at mostly large corporations that are able to pay the big cash for high-grade, extremely expensive systems set in place to protect their million-dollar servers. Add the need for greater manpower to handle the security solutions to the vast amount of money needed to pay in order to have such a system set in place, and it is easy to understand why many small businesses are choosing to waive on cybersecurity all together.

Although smaller companies can and often do understand the importance of implementing cybersecurity, owners and decision-makers frequently decide to forgo it and take on the risk. This despite having knowledge that it is much more difficult for a small company to recover from a cyberattack than it is for a larger organisation. However, the cost and the time it would take to have proper security put in place seems so out of reach, that they rather not have it at all.

The question is, if an attacker’s intended targets are larger organisations, how is it possible to get caught in the net of their attack?

It's actually quite simple. The methods used to implement cyber threats readily enable the perpetrator to simultaneously collect all data accessed through insecure networks and devices. So, an attack could begin with someone simply checking their work email while in line at the local coffee shop or when using as spoofed network at an airport.

In fact, the methods used to launch cyberattacks incidentally make small businesses the perfect target for attackers looking to access easy money. Originally, smaller companies may not have been the intended target, but since their security posture is often so weak or even non-existent, the opportunity for attackers is not just extremely low on risk, but it is also very high on reward.

Tips for small businesses to protect their assets from becoming collateral damage

Small businesses must understand that by standing in the shadow of big corporations, not only are they not protecting themselves or hiding from threats, but they are actually putting their organisations at even bigger risk. Thus, to reduce risk, it is imperative for small businesses to:

  • Look to the cloud– Companies already do so with data, collaboration and productivity tools in the cloud – so don’t be afraid to look for cloud-based security tools. They are more affordable, simpler to use and require little to no maintenance.
  • Work together– Cyber is not a technology problem. It’s a business problem. Find other SMBs in your community and join forces – in sharing knowledge, and even, in some cases, cots.
  • Not be afraid of AI– The robots are coming, but in cybersecurity, that’s a very good thing. 99 per cent of events can be addressed automatically, and very effectively.

In any war, collateral damage causes a large portion of destruction and injury. No matter how well prepared a defender and its neighbours are, unintended consequences do and will always occur. The same can be said for cybersecurity. No matter how well protected the original target is, those organisations that surround it remain vulnerable to attack.

Dror Liwer, founder and CISO, Coronet
Image source: Shutterstock/GlebStock

Dror Liwer is the founder and CISO of Coronet, an award-winning cloud security company helping small-and-mid-sized businesses protect cloud apps from unauthorized access, data theft and malware/ransomware for free.