In part one of this three-part series we investigate what multi-vector cyberattacks are and why they are particularly relevant to small businesses.
It’s no secret that cyberattacks continue to pose a big threat for small businesses. While awareness of cyber threats is at an all-time high, attacks remain both prevalent and successful. In fact, the Australian Cyber Security Centre’s recently released 2017 Threat Report revealed that 47,000 cyber security incidents were recorded in 2016-17 alone. In today’s world of increasingly sophisticated cybercrime, one of the most dangerous advances has been the multi-vector attack.
The consequences of multi-vector attacks – from downtime and loss of data to huge financial loss – can be devastating to small businesses. With Webroot’s latest research report revealing that a cyberattack on an Australian business with 100 to 499 employees would cost on average AU$1,893,363, it’s clear that the constantly evolving threat landscape is having a costly impact.
So, what are multi-vector attacks?
In a multi-vector attack, criminals combine a range of threat technologies, deployed in numerous stages, across multiple points of entry, or vectors, to infect computers and networks. This blended approach increases the likelihood of success, the speed of contagion, and the severity of damage.
When criminals successfully breach systems and networks, they use their access to drop malicious payloads, which include, but are not limited to, adware, spyware, ransomware, phishing attacks, keyloggers, viruses, and rootkits.
Attack vectors include email, web browsers, display ads, hyperlinks, files, social-media apps, and external devices, such as USB drives or webcams – all entry points that employees on the ground face each day. One strong example of a multi-vector attack is phishing, which was behind 90 per cent of security incidents and breaches in 2016.
Multi-vector attacks are designed to exploit the blind spots of conventional signature-based security, allowing malware to infiltrate systems undetected. Unfortunately, even the more modern endpoint solutions available today still rely—at least in part—on signature-based detection models, making them vulnerable to multi-vector attacks.
According to our threat research, 94 per cent of all malware released is unique to a single endpoint. That means today’s malware is almost always an unknown threat; it’s constantly adapting and morphing into unique variants, into something that’s never been seen before.
Traditional endpoint security vendors can only protect end users once the threat is known, and only after a full malware installation attempt on the endpoint is completed, a difficult task for small businesses. The infection itself will only be blocked if there is a local signature specific to that new threat variant. Extrapolating from the data we have collected, that means there’s up to a 94 per cent chance the traditional solution won’t be able to stop the threat.
Why are multi-vector attacks specifically relevant to SMEs?
Whilst large corporations will always be targeted with multi-vector attacks, we are increasingly seeing a number of SMEs come under threat: they have multiple users but may not have invested in the necessary protection, which makes them vulnerable. It’s vital that SMEs invest the time and money into prevention resources to ensure the greatest level of protection for their business.
After all, prevention is better than finding a cure.
In the next instalment, we’ll examine the different types of impacts multi-vector attacks are having on SMEs.
Daniel Slattery, Senior Information Security Analyst, Webroot