The Top Cyberthreats that SMBs Should Look out for

When we hear about cyberattacks in the news, the vast majority are against large enterprises that have national or international brand recognition. This might make some assume that smaller businesses aren’t a target, but that misconception couldn’t be further from the truth. In fact, 43% of all data breaches involve SMBs. Why? Because while larger targets may yield more loot, they’re a lot harder to penetrate. For cyberattackers, their favorite targets are those they consider low hanging fruit, the ones where they can secure small (but not insignificant) gains with little effort and minimal public dust-up.

Many SMBs aren’t equipped with the right defenses to mitigate the threats, and the bad guys know it. What’s more, many don’t have the resources to weather a significant breach. In fact, 60% of small businesses go out of businesses within six months of a cyberattack. A frightening statistic to be sure, but one that can be addressed through awareness, education and the right tools. In this article, we’ll take a look at the top cybersecurity threats SMBs should be aware of and ways they can safeguard their businesses to prevent a major loss.


Ransomware is the number one threat facing SMBs today, with data showing 82% of ransomware attacks target small businesses. One of the most pernicious threats, ransomware leverages malicious code to encrypt a company’s data, making it nearly impossible to retrieve without a key. And of course, companies must pay handsomely to get the key from the attackers.

The main avenue ransomware uses to gain access to a company’s data is via remote desktop protocol (RDP) compromise since more people are working from home. Additional attack vectors ransomware groups like to use include phishing and social engineering. More on those later.

How to combat

  • Make sure all employees adhere to a strong password protocol.
  • Back up all of your data regularly.
  • Maintain a strong cyber hygiene routine – update and patch all of your devices and software regularly.
  • Install endpoint protection software like antivirus and anti-malware.

Phishing and Business Email Compromise Attacks

Phishing is a type of social engineering attack that continues to be a favorite tactic among cybercriminals because it’s easy to do and people keep falling for it. Last year, it comprised 23.7% of SMB cyberattacks.

Here’s how it works: the threat actor sends what appears to be a legitimate email or text from a company, partner, etc., which includes a malicious link. The link may install malware that allows attackers to control a victim’s computer and eventually gain access to the company’s sensitive data. It could also use HTTPS phishing, where the link takes the victim to a fraudulent (but legitimate-looking) website to fill out a form that asks for personal information (i.e., Social Security number, credit card information, etc.).

In a similar vein, business email compromise (BEC) attacks resulted in losses of close to $2.4 billion in 2021. A BEC attack is a form of spear phishing that happens when a cybercriminal impersonates or compromises an executive’s email account. The goal is to trick employees or vendors into wiring payments for good or services.

How to combat

  • Use multi-factor authentication (MFA) on all email accounts.
  • Conduct regular and rigorous cybersecurity awareness trainings with employees, making sure to includes strategies on how to identify phishing scams.
  • Look into purchasing anti-phishing software.

Insider Threats and Data Leaks

Perhaps one of the scariest tropes in cinema is when a young babysitter is terrorized by creepy phone calls, only to find out the threat is coming from inside the house. It’s scary because someone’s home is supposed to be a safe, protected space.

In business, often the biggest threat can be “inside the house”— someone whom you’ve hired and entrusted with sensitive data. While many of these insider threats are the result of negligence (i.e. an employee falls victim to a phishing scam), there are some instituted by those who wish to cause harm to the business. Insiders with malintent will exfiltrate important data for financial gain or a competitive edge or edit/delete data to retaliate for some real or perceived slight.

How to combat

  • Institute the principle of least privilege, where employees have access only to the data and systems needed to do their jobs. You can also look into a privileged access management (PAM) system to support your efforts.
  • Maintain strong and clear security policies to ensure no employee, vendor or contractor has any doubt about acceptable security behavior.

Getting help for your cybersecurity needs

This article only scratches the surface of the types of threats small- and medium-sized businesses face. Given all the different attack strategies and vectors, it can be overwhelming for SMBs that don’t have a dedicated security team at the ready. This is when it’s helpful to look for partners that can use their cybersecurity expertise and services to craft an approach that’s right for you.

Managed security services providers (MSSPs) can remove the burden of monitoring, detecting and remediating threats so you can focus on your core business objectives. With solutions like endpoint detection and response (EDR) and managed detection and response (MDR), they can gather and analyze data to quickly identify threats across your environment and provide a rapid response.

If you’re looking to get additional support for your cybersecurity needs, check out this eBook, which offers a deep dive into MSSPs, their services and how to choose one that best fits your business needs.

Have you registered for our next event?