Kaspersky: MSMEs Are Still A Soft Target For Cybercriminals
JAKARTA - Kaspersky's report on Threats to the latest MSMEs reveals that cybercriminals continue to target MSMEs with a variety of more sophisticated tactics. Kaspersky statistics shows that the number of MSME employees who face malware disguised as legitimate business applications is relatively stable from year to year, namely 2,478 attacks in 2023, and 2,572 attacks in 2022. In carrying out these attacks, Kaspersky's report also found that cybercriminals used many methods, including exploiting vulnerabilities, using emailphishing, fraudulent text messages, and even using seemingly harmless YouTube links, with the aim of gaining access to sensitive data. This alarming trend underscores the urgent need for increased cybersecurity protection to protect MSMEs from cyber threat attacks.
另请阅读:
"The vulnerability faced by MSMEs should not be underestimated. Because this business is the economic backbone of most countries, it is very important for governments and organizations to step up their efforts to protect these companies," said Vasily Kolesnikov, security expert at Kaspersky in a written statement received in Jakarta. The report also revealed that the number of malicious file detections targeting MSMEs in the first five months in 2023 even reached 764,015. Of these, exploitation is the most common threat to MSMEs, accounting for 63 percent (483,980) of all detections at that time. Threats of phishing and scams also pose significant risks to MSMEs, with cybercriminals cleverly tricking employees into leaking confidential information or becoming victims of financial fraud. Furthermore, Kaspersky's report highlights that smishing or SHS phishing is a frequently used method for infiltrating into employee smartphones. This technique begins with victims receiving text messages with links, distributed through various platforms such as SMS, WhatsApp, Facebook Messenger, WeChat, and others. If users are not wary of clicking embedded links, their devices become vulnerable to uploading risky malicious codes.