The best way to protect your business is to know what you need to protect it from. Last week, Symantec security experts Kevin Haley and Jay Epton engaged in a Twitter chat with Anita Campbell of Small Business Trends to discuss the findings of the Internet Security Threat Report Vol. 18 (ISTR), which reveals the current state of the threat landscape and an increase in focus being placed on SMBs by attackers. More than 600 tweets explore how cybercriminals are working to steal intellectual property and other confidential information from SMBs, and what you can do to protect your business.
If you missed the #SMBchat, here are some of the questions that were asked, with responses from Symantec experts and the SMB participants.
We keep hearing that cybercriminals change their tactics. What is the big takeaway from the ISTR 18?
- Small businesses are now the target of 31% of all attacks, a threefold increase from 2011. (@KPHaley)
- Sorry @smallbiztrends not just one takeaway. Also: Web-based attacks increased 30% in 2012. (@KPHaley)
- It’s possible many of these attacks originated from compromised websites of small businesses. (@KPHaley)
- I've seen quite a few hacked servers over the last several months. It's a pain to clean up the mess too. (@robert_brady)
- Wow, that's a pretty significant increase. Shows how important it is to ensure our #SMB security. (@tiroberts)
- One of my good blogging friends recently had her entire domain stolen from her site directory. She’s had to completely rebuild a new blog with a new domain name and content. I must say she handled it well. Would hate for that to happen 2 me. (@tiroberts)
We’ve all been cautioned about protecting our computers. But what about tablets and smartphones?
- For company-provided devices, consider locking them down and preventing the installation of unapproved applications. (@KPHaley)
- Android OS attacks are on the rise so those users especially must use an AV product and be careful of rogue apps. (@PinkTec)
- Also be cautious when downloading music on your phone or tablet. Many viruses can be disguised as music files. (@tiroberts)
- 59% of all mobile malware ever written was written in 2012. (@KPHaley)
- Updated your website or social media from a mobile device? Get e-mail on your smartphone? Then there's cause to worry. (@Shawn_Hessinger)
- Mobile security is just one piece of the puzzle for a poor #Smallbiz owner that is already wearing too many hats. (@PinkTec)
Fake sites designed to infect computers have doubled in the past year. How can employees tell if a site is fake?
- If only it was that easy. 61% of websites hosting malware are legitimate sites. Hijacked by bad guys. (@KPHaley)
- Business, technology, and shopping websites were among the top five types of websites hosting infections. (@KPHaley)
- Symantec attributes this to unpatched vulnerabilities on legitimate websites. Website Admins, you gotta patch! (@KPHaley)
- I saw a cool site that Norton offers: https://t.co/JOCTQ2tprP where you can check a website to see if it is fake. (@TJMcCue)
- Another growing source of infections on websites is malvertisements. (@Jay_Epton)
- This is when criminals buy advertising space on legitimate websites and use it to hide their attack code. (@Jay_Epton)
What are three things you recommend small businesses do this week to better protect against cyber threats?
- First, realize that signature-based antivirus along is not enough to protect against today’s threats. (@Jay_Epton)
- Use a comprehensive endpoint security product that includes additional layers of protection. (@Jay_Epton)
- Emphasize multiple, overlapping, and mutually supportive systems to guard against single-point failures. (@Jay_Epton)
- Update your antivirus and get the latest version, run a thorough scan, change all passwords (@tiroberts)
- Keep your security software current and your OS and third-party apps updated with the latest patches. (@Jay_Epton)
We’d like to thank those who participated in #SMBchat. If you have any other questions regarding the ISTR, let us know in the comments below. For more detail on the ISTR, click here.
You can follow the continued SMB news and conversations at @SymantecSMB. Let us know if you have any topics to suggest for out next Twitter chat.