Some 48% of UK SMBs have suffered a cyberattack or data breach in their lifetime, with more than one in seven stating it’s happened more than once. These alarming findings demonstrate how SMBs are becoming prime targets for cybercriminals and also that some hold back security spending even after being hit. OpenText’s 2020 Webroot Threat Report highlights the agility and innovation of cybercriminals who continue to seek out new ways to evade defences. The bad guys also seem committed to long-established attack methods. Most notably, Webroot observed a 640% increase in phishing attempts and a 125% increase in malware targeting Windows 7. The report is derived from metrics captured and analysed by Webroot’s cloud-based machine learning architecture: the Webroot Platform.
“In the cybersecurity industry the only certainty is that there is no certainty, and there is no single silver bullet solution,” said Hal Lonas, Senior Vice President and CTO, SMB and Consumer, OpenText. “The findings from this year’s report underline why it’s critical that businesses and users of all sizes, ensure they’re not only protecting their data but also preparing for future attacks by taking simple steps toward cyber resilience through a defence-in-depth approach that addresses user behaviour and the best protection for network and endpoints.”
Automation is helping combat threats, but is a double-edged sword, says Webroot’s Director of Product Marketing George Anderson. Talking to IT Europa, he says customers want automated solutions, but also like to see it working. “This year will be an exciting year as we have a lot new things coming to market. With our changes in ownership (first Webroot was bought by Carbonite, then that business was bought by OpenText), it has been a bit disruptive. We are moving onto the next level now, however."
“The Webroot channel has stayed positive and we have the same focus as before. For some of the major distributors, the OpenText acquisition of Webroot is bound to help because of the new owner’s enterprise experience and we are looking further at how it can help us. A number of MSPs and resellers come direct to us as well and we want to grow that, particularly facing the SMB market.”
“We will also be able to focus more on the data centres market in Europe which will be even more of an opportunity- it is a matter of finding the right channels to work with. It has been steady, now we can get more adventurous because of GDPR and the data centre growth.”
“We have been discussing how to make it easier to sell security, but we are finding that some customers continue to decide not to adopt more powerful security solutions even after being attacked. “They recover somehow and yet still decide not to seek more protection.”
“What we try to do it make security affordable, giving the best at the price and automating it. A lot of distributors are working with MSPs who are better at go-to-market and using our webinar-in-a-box.”
“We have concluded that it is all about education. MSPs are very busy and Webroot has always driven the message through education. Most just ask for more information that they can use. Research we have done on attitudes to phishing shows an overconfidence in understanding.”
“And it’s becoming more sophisticated and targeted. We are getting requests for security awareness and more for consumer-type training for businesses and offering training to the consumers. This is all related to increasing awareness through education. I want to enable people to deal with the issues.”
Another issue is the rising level of attacks on MSPs themselves who are coming under intense focus, particularly in the US, but increasingly in Europe. MSPs really have to think hard on protections and protection for client. “They may have to get tougher on what is permissible among clients. Some were only playing with security and have to do something about it – this was a bit of revelation.”
“We’ve had MSPs go out of business in the US because of attacks and not being able to recover.”
This year in Europe will also see a lot more on privacy and encryption; access control and permissions will be another big area. A lot of networks have been vulnerable because of the way their credentials shave been handled.
“People feel a bit hopeless about it; we are trying to persuade the that if they focus efforts their businesses can be more secure.“
Download the full report here.
Notable Findings:
- Phishing URLs encountered grew by 640 percent in 2019.
- 1 in 4 malicious URLs is hosted on an otherwise non-malicious domain.
- 8.9 million URLs were found hosting a crypto jacking script.
- The top sites impersonated by phishing sites or cybercriminals are Facebook, Microsoft, Apple, Google, PayPal and Dropbox.
- Malware targeting Windows 7® increased by 125 percent.
- 93.6% of malware seen was unique to a single PC – the highest rate ever observed.
- Consumer PCs remain nearly twice as likely to get infected as business PCs.
The data reveals that regions most likely to be infected also have the highest rates of using older operating systems.
Of the infected consumer devices, more than 35 percent were infected more than three times, and nearly 10 percent encountered six or more infections.
The continued insecurity of consumer PCs underscore the risk companies face in allowing employees to connect to business networks from their personal devices.
