2017 SME Cyber Threats


29 Dec 2016

2017 SME Cyber Threats

Despite their small size and the common misconception by SME owners that they are not at risk from cyber threats, the reality is very different. It is because of their size and smaller budgets that make them a popular target for criminals. So what are the threats to SMEs in 2017 likely to be?

Ransomware

As we have seen, 2016 was the Year of Ransomware and it is unlikely to change significantly next year. Enterprise-targeted ransomware attacks have become mainstream and will continue to be a major threat, while new methods of attack may include exploiting vulnerable web servers as an entry point to gain access into an organisation's network. Ransomware-as-a-service, custom ransomware for sale in dark markets, and creative derivatives from open-source ransomware code will also pose a significant threat. We also expect Mobile ransomware to continue to grow.

Internet of Things (IoT)

The IoT encompasses thousands of types of devices in every industry. IoT should be thought as networks of devices enabling and offering services, many of which are cloud-based. The threat is multifaceted; ranging from ransomware to cloud. IoT devices will also be useful attack vectors into control, surveillance, and information systems, as seen with the recent Mirai malware.

Cloud Services

During the past few years, the rapidly growing use of cloud services and an increase of new devices are challenging traditional methods of protecting everything digital. Increasing amounts of sensitive data and business-critical processes are shifting to public and hybrid clouds. Attackers are adapting to this shift and will seeks to attack cloud infrastructure.

BEC & BPC

Simple-but-effective Business Email Compromise (BEC) attacks will continue to grow, while we will begin to see more hard-hitting Business Process Compromise (BPC) attacks like the US$81-million Bangladesh Bank heist.

Third Parties

Third parties such as vendors and contractors pose a risk to companies. Most have no secure system or dedicated team in place to manage these third-party employees. High-profile breaches of US chains Wendy’s and Target illustrate how cyber criminals have become increasingly sophisticated.

General Data Protection Regulation

European adoption of the General Data Protection Regulation (GDPR) in 2018 will mean a change of processes to comply. They comprise:

Contact us

Call us now to discuss your requirements with one of our consultants.

Contact us today

Related News

CISMP, CISSP and CISM - what's in an acronym?

20 Mar 2017

There is a wide range of different security courses available, and a mind-boggling array of...

Watch Video

International Womens Day - Pioneering Women in Tec...

08 Mar 2017

Pioneering Women in Technology – Katherine JohnsonThe Oscar season has been and...

Watch Video

Law Firms and why they need cyber security

06 Mar 2017

Suffering a data breach can be devastating for any company but for law firms the impacts can be...

Watch Video
Back to the News Hub

Follow us

+44 (0)207 887 2699
©2017 PGI - Protection Group International Ltd. All rights reserved.
PGI - Protection Group International Ltd is registered in England & Wales, reg. no. 07967865
Registered address: Cascades 1, 1190 Park Avenue, Aztec W, Almondsbury, Bristol BS32 4FP