When cyber threats strike, they are costly for both large and small businesses. A recent study provided data indicating that the direct cost to a small business to remediate a cyber-attack is $38,000. For a large company, the direct costs are a whopping $825,000. These figures do not account for more tangential and tertiary or “hidden” costs which rocket recovery and enhanced prevention costs into the stratosphere.
“The study (Kaspersky Lab) found that malware attacks are the most prevalent type of cyberattack. Other common categories include phishing attacks and accidental data leaks by employees. Despite the potentially crippling financial impact of such attacks, many businesses aren’t making cybersecurity a top priority. Only 50% of the IT professionals surveyed list prevention of security breaches as one of their major concerns.”
Attacks are being launched incessantly. When they hit a target, the cost of repair and recovery is high. Yet, too many businesses are unprotected and vulnerable.
Cyber attackers target individuals, as well as businesses. Getting a virus, being hacked, losing critical data, having one’s identity stolen, or having a PC or device rendered useless can be extremely frightening, frustrating, and costly. The situation becomes more complicated when personal computers and devices are used in a small business. IT management solutions must address this co-mingling of business and personal devices.
Mobile Computer Services, Inc. of Wake Forest, an IT support specialist, is warning small business owners about some of the most dangerous malware threats lurking in the cybersphere.
WinRAR Bug is new and dangerous malware
WinRAR, a popular program, extracts compressed files. It has been around for years, and all this time, it has had a hidden vulnerability. Attackers can engineer compressed files so that they extract malware directly to the Windows operating system without warning. A host of malware is taking advantage of this newly revealed vulnerability. WinRAR owners should patch it right away. Since WinRAR does not patch automatically, the software must be updated manually to be safe.
Fake Asus updates weaponized with viruses
Asus recently made it known that its update software was breached at the source, and one of the latest critical security updates for their machines secretly contained malware. Malware was distributed to over 1 million people, but fortunately, it appears to have only been hunting for 600 specific targets. Asus owners who think their computer has been affected by the malware known as ShadowHammer should check their device on the Asus website.
IoT attacks hit 32.7 million
IoT devices are rising in popularity. However, their controls are relatively easy to attack and abuse. Many have no built-in firewalls, and they may also lack the ability to change default usernames and passwords. Since 2017, this vulnerability has led to a 217.5% increase in attacks against IoT devices. In general, these attacks are engineered to generate swarms of remote-controlled ‘bots’ that can implement targeted DDoS attacks that bring down portions of the internet. Those having or planning to obtain an IoT device should ensure its security.
New Android malware can drain bank accounts
A new type of banking malware was discovered on Android devices very recently. This malware, known as Gustuff, can automatically break into banking and cryptocurrency apps installed on a phone and steal funds. This application spreads by texting the contacts on a victim’s phone. Do not click on the links in unusual text messages! If there is concern that there may be an infection, research Android Antivirus Apps.
NVIDIA patches its graphics management software
Many gaming computers have an NVIDIA graphics card. It has recently been discovered that the management software controlling these graphics cards is vulnerable to a bug that would allow users to arbitrarily execute code within a victim’s computer. So far, no exploit has yet appeared for this vulnerability. To be on the safe side, patch the graphics card drivers as soon as possible.
SMBs: Easy targets for ransomware
Statistics show that 43% of cyber-attacks target small businesses. Lacking the money and time to secure their computers, these companies make easy targets. Small businesses need to be on guard.
Facebook stored passwords in plain text
Hundreds of millions of passwords were stored by Facebook in plain text. If an attack had ever breached that part of Facebook, hackers would have been able to steal accounts. Facebook users may want to consider changing their password.
New vulnerability in TP-Link smart home routers
Owners of the TP-Link SR20 Router might consider replacing it because developers at Google recently announced that this brand of router is affected by a vulnerability. Attackers can take control of the router if they join the same network. Google revealed this vulnerability to the public 90 days after telling the manufacturer since the manufacturer apparently did not immediately issue a fix. The recommendation is to replace the router unless TP-Link has released a fix.
To protect a business from cyberattacks, entrepreneurs can consult with Mobile Computer Services, Inc. of Wake Forest, one of the leading managed IT service providers. For more information about IT service management that provides solutions encompassing all facets of data management and cyber protection, contact Mobile Computer Services of Wake Forest at (919) 230-2900.