MSMEs Can Be The Target Of Cybercriminals In 2023, This Is A Series Of Threats!

Illustration of cyber attacks or crimes. (Photo: Pexels/Sora Shimazaki)

JAKARTA - Cybercriminals often target personal data. However, don't think they're just chasing the big company level.

These cybercriminals also target small businesses.

As statistics show by security firm Kaspersky, more than 60 percent of Micro, Small, and Medium Enterprises (MSMEs) have also experienced cyber attacks during 2022.

As a result of cyber attacks, businesses can lose valuable confidential, financial, market share information and there are many ways cybercriminals do to achieve their goals.

But the more important thing is to determine the threats that the MSME sector may face. The following is a report from Kaspersky quoted by VOI, Saturday, December 17.

There are various ways the company's data can leak and, in certain cases, it may happen accidentally. One of them, when the company's computer used for entertainment purposes remains one of the main ways to gain initial access to the company's network.

Looking for alternative sources to download newly released episodes of events or films, users face various types of malware, including Trojans, spyware, and backdoor, as well as adware.

According to Kaspersky statistics, 35 percent of users who face threats under the guise of streaming platforms have been influenced by Trojans. If such malware ends up on the company's computer, attackers can even penetrate the company's network and search for and steal sensitive information, including business development secrets and employee personal data.

Distributed Network attacks are often referred to as Distributed Denial of Service (DDoS) attacks. This type of attack takes advantage of specific capacity limits that apply to any network resources, such as infrastructure that activates the company's website.

DDoS attacks will send a lot of demand to the web resources being attacked, with the aim of exceeding the website's capacity to handle a lot of demand and prevent websites from functioning properly.

Attackers use various sources to take action against organizations such as banks, media assets, or retailers, all often affected by DDoS attacks. Recently, cybercriminals targeted food delivery services in Germany, Takeaway.com (Lieferando.de).

There is also a growing trend towards gaming companies. North American Fantasy 14 Final Data Center was attacked in early August. Players experience connection, login, and data sharing problems. Blizzard multiplayer games namely Call of Duty, World of Warcraft, Overwatch, Hearthstone, and Diablo: Immortal were also hit by DDoS attacks again.

It should be noted that many DDoS attacks were not reported, as the amount of payments was often not too large.

Attacks through supply chains usually mean services or programs that have been in use for some time become dangerous. This is an attack delivered through a vendor or company supplier.

Examples are financial institutions, logistics partners, or even food delivery services. And such actions can vary in complexity or destructive power.

The attacker used ExPetr (aka NotPetya) to compromise the accounting software automatic update system called MEDoc, forcing it to send ransomware to all customers. As a result, ExPetr causes millions of dollars in losses, infecting both large companies and small businesses.

Or CCleaner, one of the most famous programs for cleaning the system's registries. It is widely used by home users and system administrators. At some point, attackers compromise the program developer's compilation environment, some versions equipped with backdoors.

During the month this compromised version was distributed from the company's official website, and downloaded 2.27 million times, and at least 1.65 million copies of the malware attempted to communicate with the attacker's server.

Malicious files everywhere, if downloading files is invalid, make sure the file is not harmful. The most common threats are encryption that pursue the company's data, money, or even the owner's personal information.

To support this, it should be noted that more than a quarter of MSMEs choose pirated software or are not licensed to cut costs. The software may contain some malicious or unwanted files that can exploit the company's computers and networks.

In addition, business owners must be aware of access brokers because such a group layer will cause MSME losses in various ways by 2023. Customers of their illegal access include cryptojacking clients, banking password thieves, ransomware, cookies thieves, and other problematic malware.

Since the start of the COVID-19 pandemic, many companies have moved most of their workflows online and learned to use new collaboration tools. One of them, the Microsoft Office 365 suite and not surprising anyone, phishing is now increasingly targeting the user's account.

Online fraudsters have used all kinds of tricks to get business users to enter their passwords on the websites they create to look like Microsoft's incoming page.

Kaspersky found several fraudsters imitating loan or delivery services, by sharing fake websites or sending emails with fake accounting documents.

Some attackers disguise themselves as legitimate online platforms to benefit from their victims, perhaps even quite popular money transfer services, such as Wise Transfer.

Another dangerous sign found by Kaspersky experts is a link to a page translated using Google Translate.

The attacker uses Google Translate to bypass the cybersecurity mechanism. The email sender stated that the attachment is a kind of payment document exclusively available to the recipient, which must be studied for the presentation of the next contract and payment meeting.

The Open button link points to a site translated by Google Translate. However, the link leads to a fake site launched by the attacker to steal money from the victim.