June 30, 2017 11:52 am

Small businesses often more vulnerable to cyberattacks, experts say

A computer screen shows the notice that computer files are being held ransom, as part of a massive international cyberattack, at an office in Kiev, Ukraine, Tuesday June 27, 2017.

Oleg Reshetnyak via AP

Businesses around the world are reeling from “Petya,” the latest global ransomware attack, which reached at least 80 large companies and thousands of computers on Tuesday.

The Petya ransomware attacked networks that use Microsoft Windows, exploiting a vulnerability in its software, similar to how the WannaCry virus infected systems just weeks ago, The Guardian reported.

But while big companies suffered, small-to-medium-sized businesses are even more vulnerable to these kinds of attacks because of their limited financial resources.

With less money comes less robust security infrastructure, experts have said.

WATCH: Cybersecurity expert discusses global reach of latest ransomware attack

“A lot of enterprises have enterprise tools that they can use to readily patch all their systems in a timely manner,” said Razmik Ghanaghounian, a senior IR analyst from IBM’s Incident Response and Intelligence Services team.

“Those smaller companies don’t have the necessary skill-sets, resources or the financial costs associated with implementing great infrastructure or support.”

And because of these security discrepancies, smaller businesses may have a harder time recovering after being hit by a widespread ransomware attack, Ghanaghounian added.

WATCH: What was behind Tuesday’s global cyberattack?

Story continues below

“Many businesses just say, we’ll cut our losses and start from scratch. We learned our lesson and we’ll make sure we patch,” he explained.

Large businesses will often have whole teams of employees dedicated to monitoring its systems for security flaws and immediately addressing any vulnerabilities, said Kurt Roemer, chief security strategist for Citrix.

Small businesses, he said, likely don’t have that luxury.

READ MORE: Calgary cyber security experts warn WannaCry ransomware attacks could happen here

“Many small businesses might hire a consultant who does security as a percentage of what they contribute but definitely doesn’t have those resources behind them,” Roemer said.

Businesses that patched their systems since then were likely protected from the most recent attacks, Ghanaghounian and Roemer said.

WATCH: Sophisticated cyberattack cripples computers across the globe

“Microsoft would have released the updates that would have prevented this attack in March. These are definitely preventable events,” Roemer explained.

Since Petya made headlines on Tuesday, experts have questioned whether data destruction was its true goal, rather than ransom money.

According to Roemer, the email provided by the attackers to those affected was disconnected by the ISP that was hosting the email address, cutting off all communication.

“So even if you did pay the ransom there was no way to go ahead and get your key to unlock,” Roemer said. “So it’s really a tough situation because people who thought they’d just be able to pay the ransom and get their data back — can’t.

“There’s been lots of reports about this ransomware really not being about ransom at all and being more about data destruction,” he explained.

Roemer added that while small businesses may have a tougher time recovering after such infections, corporations of all sizes have plenty to lose if they find themselves in the throes of a ransomware attack.

READ MORE: How the WannaCry ransomware attack spread around the world

“There are businesses that will be down for weeks as they completely have to redo their infrastructure, every endpoint, every connection, re-verify all their data. That’s a substantial amount of disruption. And unfortunately, this attack was completely preventable,” he said.

To protect themselves ahead of time, Roemer recommends that smaller to medium-sized businesses switch to cloud-based data storage, meaning that businesses don’t have to maintain the infrastructure on their own.

Small businesses can also benefit from low implementation costs. Enabling automatic updates could ensure that small businesses with fewer workstations are always up to date.

READ MORE: 5 things to know about ‘WannaCry’ ransomware cyberattack

Ghanaghounian and Roemer also agreed that creating reliable, frequent backups is the best way to help businesses recover quickly after they’re hit by cyberattacks. 

Roemer said businesses need to realize the next major cyberattack may not be too far away.

“Have this be a wake-up call that there’s going to be another one coming around that’s even worse,” he said.

© 2017 Global News, a division of Corus Entertainment Inc.

Report an error


Want to discuss? Please read our Commenting Policy first.