Phishing, P2P, Drive-Bys Top SMB Security Risk List - InformationWeek
IoT
IoT
Mobile // Mobile Applications
Commentary
9/27/2010
12:59 PM
Keith Ferrell
Keith Ferrell
Commentary
50%
50%

Phishing, P2P, Drive-Bys Top SMB Security Risk List

File sharing, drive-by downloads, social nets, phishing, malicious attachments -- according to a new report, these are the leading approaches for criminals targeting small and midsized businesses.

File sharing, drive-by downloads, social nets, phishing, malicious attachments -- according to a new report, these are the leading approaches for criminals targeting small and midsized businesses.While many small and midsized businesses are (rightly) increasingly alert to insider risks, that's no reason to relax at all when it comes to threats from beyond the firewall.

That's one of the key points in a new Dark Reading report, SMBs in the Crosshairs.

And the crooks' crosshairs really are increasingly trained on your business, according to the report's author, Randy George, "small businesses in particular are a filet mignon for hacks and digital criminals."

The reasons? Too little money, time, expertise, awareness, too much over-confidence... all of which make SMBs all too easy prey for:

Malware Laden File-shares: If you're letting your employees run unfettered P2P programs, stop.

Drive-by Downloads: Unpatched and older browsers need to be replaced/updated before anything else.

PDFs With Payloads: Adobe's vulnerabilities catalog continues to grow, and some of that growth is taking advantage of SMBs increasing use (like everybody else) of PDF files.

Phishing: The one that won't go away, and continues to grow as phishers rebuild and replace networks. If you haven't had the "immediately delete unfamiliar e-mails unopened" talk with your employees lately, have it now.

Social Networking: The risks of social nets are growing as fast or faster than the networks' popularity, to the point where one-third of SMBs have already encountered social network-borne malware; put a thorough (and tough) social networking policy in place, enforce it, and then reinforce it constantly.

The complete Dark Reading report SMBs in the Crosshairs: Understanding he Threats, Defending the Business can be downloaded here (registration required).

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
Digital Transformation Myths & Truths
Transformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.
Video
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll