How Vulnerable Are SMEs Against Cyber Threats?

In early Jun 2016, the Singapore government announced the separation of internet surfing computer terminals with internal computer operations for the public sector.

While this might bring some inconveniences to public sector employees, the solution could mitigate cyber threats, especially through accidental virus induction. Such inadvertent introduction of malware occurs in the private sector too.

The Straits Times ran a report which interviewed industry players. One of the concerns raised was that SMEs are ‘soft targets’ by cyber criminals.  http://www.straitstimes.com/business/smes-are-soft-targets-for-cyber-criminal

In a report by United Nations on cyber crime and SMEs, a survey conducted in several European countries pointed to a common mentality among the small and medium business owners and managers;

• SMEs never thought they could become victim of cyber crime

• SMEs find it hard to perceive cyber threats and their survival

• SMEs that collaborate with major corporations are easy targets for criminals who wish to enter large corporations via backdoor

http://www.unicri.it/news/files/Research-Guidelines_for_IT_Security_of_SMEs-Flavia_Zappa_FINAL.pdf

A UK company, MNH Platinum had 12,000 file encrypted via ransomware and hackers demanded 3,000 pound, which was paid up. https://www.theguardian.com/small-business-network/2016/feb/08/huge-rise-hack-attacks-cyber-criminals-target-small-businesses

The SMEs environment in Singapore faces identical situation.

The WannaCry ransomware wreaked havoc several months ago and going by a number of anecdotal evidence, many affected SMEs went unreported.  It is not known how many got infected and how many paid up.

Ransomware is one of the technique for cyber criminals to earn money at someone’s expenses. Hackers would find the most efficient ways to do so.