Page 51 - Cyber Defense eMagazine August 2024
insurance claims each year—was taken down in a ransomware attack that happened simply due to a
lack of multifactor authentication (MFA), a basic security control that enhances endpoint security[5].
At Huntress we have seen some variants of malware and ransomware popping up that are newer or even
homemade. And SMBs, especially in healthcare, are an ideal place to try these variants out. For one
thing, these SMBs are an easy target to exploit, sometimes as small as a single physician’s office or a
smaller chain of dental offices. And once threat actors gain a foothold in that environment, thanks to
HIPAA and other requirements, those targets are more likely to give in to demands and pay a ransom—
leaving the attacker to skip off to their next target.
In 2023, attackers exploited known vulnerabilities early on, such as MOVEit[6], 3CX, and ScreenConnect.
And very often, they used SMBs as the “sandbox” to try out their tricks before moving on to the enterprise
arena. And so, the old cycle of use/discard continues as attackers try out TTPs on SMBs like small
healthcare offices and then move on to bigger, greener pastures.
And left in the wake? The vulnerable SMBs trying to move forward from a breach.
Arming SMBs to Fight Back
For SMBs who want to get ahead of the growing threat against them, now is the time to embrace and
adopt proven security controls and build endpoint security like never before. As endpoints act as the
gateway to an organization’s digital environment, 70% of breaches start here[7]. Some useful strategies to
help SMBs build better endpoint security and proactively fight threats:
• Implement an asset management tool to help you keep track of all of your endpoints and prioritize
security measures for the most critical ones in your infrastructure.
• Embrace auto-patching and make sure systems are regularly updated through a proactive patch
management strategy.
• Immediately implement MFA if it’s not already in place across your devices and programs/tools.
• Use role-based access controls to align permissions and job responsibilities, performing regular
audits to ensure your security is aligned to the principle of least privilege.
• Look at endpoint detection and response (EDR) solutions to help your SMB gain real-time insight
and alerts that will empower a stronger response against threats.
SMBs should also be mindful of changes resulting from work-from-home shifts, with more exploits
happening thanks to multiple devices on a home network, improperly configured (or just plain old and
unsecured) home routers, and personal use of business-owned devices and systems. Proactive SMBs
should consider cyber awareness training for their team to build vigilance and knowledge ahead of the
threat.
Finally, if an SMB hopes to successfully defend against the fray of attackers they’re now vulnerable to,
it’s time to build a comprehensive security plan to defend your endpoints. And if you’re not ready to do
that or don’t have the in-house talent to achieve that goal, it may be a great time to bring in an MSP or
similar partner to help you achieve the security you need in order to keep your business healthy for the
long term.
Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.