Small businesses fret as cyberattacks surge 89% in 4months
Between the periods of January-April 2022, the number of cyber-attacks in Nigeria has almost doubled, posing an increasing danger to entrepreneurs and small businesses.
According to a press statement released today by Kaspersky, a global cybersecurity and digital privacy company, the number of Remote Desktop Protocol (RDP) attacks surged by 89 percent to 303,500 attacks in the first four months of 2022 as against 161,000 in the same period of last year.
RDP is a proprietary protocol developed by Microsoft which provides a user with a graphical interface to connect to another computer over a network connection. The device makes it possible for employees to connect to their work desktop computer when they work remotely.
And the COVID-19 pandemic has led to an increase in remote working, causing many companies to introduce the RDP.
“With the shift to remote working and the introduction of numerous advanced technologies in the daily operations of even small companies, security measures need to evolve to support these sophisticated setups,” Denis Parinov, security researcher at Kaspersky said
Parinov also said that cybercriminals are already way ahead of the curve, so much so that virtually every organisation will experience a breach attempt at some point.
“For small companies today, it’s not a matter of whether a cybersecurity incident will happen but when. Having trained staff and an educated IT-specialist is no longer a luxury but a must-have part of your business development.”
The statement also highlighted that in 2022, the number of Trojan-PSW (Password Stealing Ware) detections in Nigeria more than doubled by 146.7 percent when compared to 1,076 in 2021.
Trojan-PSW is a malware that steals passwords, along with other account information, which then allows attackers to gain access to the corporate network and steal sensitive information.
“Another popular attack tool used on small businesses is Internet attacks, specifically, web pages with redirects to exploits, sites containing exploits and other malicious programs, botnet C&C centers among others,” the statement stated.
“While the number of these attacks decreased in the first four months of 2022 in Nigeria (56 836 infections in 2022 compared to 99 146 infections in 2021), Internet attacks are still a concern and need to be protected against.”
In order to protect businesses against these increasing attacks, Kaspersky recommends providing staff with basic cybersecurity hygiene training as many targeted attacks start with phishing or other social engineering techniques.
It further added using a protection solution for endpoints and mail servers with anti-phishing capabilities to decrease the chance of infection through phishing emails.
And also always safeguard corporate data and devices, including by using password protection, encrypting work devices and ensuring data is backed up.
“Keeping work devices physically safe – do not leave them unattended in public, always lock them and use strong passwords and encryption software.”