Cybercriminals continue to spread malware to SMBs disguised as legit business software 

Attempts to attack Pinoy SMBs in H1 2023 jump 325%, all detected and blocked by Kaspersky

Cybercriminals continue to target small and mid-sized businesses (SMBs) as they keep on spreading malware disguised as business software. From anonymized data of its SMB clients in the Philippines in the first half of 2023, Kaspersky revealed a huge jump of about 325.58% in the number of attempts to attack SMBs compared to the same period last year. 

The findings came about as the global cybersecurity company recently assessed the threat landscape in the SMB sector. The SMB Threat Statistics from the Kaspersky Network Security (KSN) telemetry gathered figures in this sector from six countries in Southeast Asia, including the Philippines. KSN is a system for processing anonymized cyberthreat-related data shared voluntarily by Kaspersky users. 

Kaspersky data disclosed about 1,847 unique hits against Kaspersky’s SMB clients in the country were detected and blocked from January to June 2023, a far cry from only 434 within January to June 2022. A unique hit is the number of times that cybercriminals attempted to attack. 

The six-month worth of unique hits detected and blocked by the cybersecurity company among its Philippine-based SMB clients in 2023 is already more than double the total unique hits (817) in the entire of 2022.

Data collected by Kaspersky experts also showed that among the most popular software products used by its clients who owned SMBs around the world include MS Office, MS Teams and Skype among others. These software names were then run against the KSN telemetry to find out how much malware and unwanted software were distributed under the guise of these business applications. 

Between January to June 2023, Kaspersky data showed about 196 SMB employees among Kaspersky’s clients in the Philippines were monitored to have encountered unique malware or unwanted software disguised as legit business apps. There were only 76 users monitored to have been tricked within the same period last year.  

Unique hits among SMBs in the Philippines

Malware, an umbrella term for “malicious software”, is designed by and for professional cybercriminals to cause harm to a user’s device or network. It encompasses a variety of cyber threats such as Trojans and viruses (ransomware is a form of malware). Malware attacks are destructive to small businesses as they can cripple devices requiring expensive repairs or replacement. Malwares also give attackers a back door to access and steal data, putting both customers and employees at risk.

“It’s always easy—and popular— to think that your business is too small to be a target. Whatever business you’re in, as long as you’re using at least a computer or a mobile device that’s connected to the internet, you’re vulnerable to a cyber incident,” said Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky.

“As an SMB, I know you deal with so much with very little resources. Now that hybrid work is the norm, security is your additional concern and it needs to be a top priority. Taking the unsafe approach of using home-level versions of security software is no longer an option. Effectively reducing the impact of a cyberattack is only possible if the workforce is properly trained for cyber resilience. Remember, when it comes to cybersecurity, the weakest link is always your people. Also, there is now such a thing as building an IT infrastructure with lower investments. Ask for help,” Yeo added. 

As cybercriminals target SMBs with all types of threats — from malware disguised as business software to elaborate phishing and email scams — businesses need to stay on high alert. This is critical because a single cyberattack can lead to catastrophic financial and reputational losses for a company. To keep your business protected from cyberthreats, we recommend the following measures:

• Provide your staff with basic cybersecurity hygiene training. Conduct a simulated phishing attack to ensure that they know how to recognize phishing e-mails.
• If you are a Microsoft 365 user, remember to protect that too. Kaspersky Security for Microsoft Office 365 includes dedicated apps that target spam and phishing, and protect SharePoint, Teams and OneDrive for secure business communications.
• Set up a policy to control access to corporate assets, such as email boxes, shared folders and online documents. Keep it up to date and remove access if the employee has left the company or no longer needs the data. Use cloud access security broker software that can help manage and monitor employees’ cloud activity and enforce security policies.
• Make regular backups of essential data to ensure that corporate information stays safe in an emergency.
• Provide clear guidelines on the use of external services and resources. Employees should know which tools they should or should not and why. Any new work software should go through a clearly outlined approval process by IT and other responsible roles.
• Encourage employees to create strong passwords for all digital services they use and to protect accounts with multi-factor authentication wherever applicable.
• Use professional services to help you get the most out of your cybersecurity resources. The new Kaspersky Professional Services Packages for SMB provides access to Kaspersky’s expertise on assessment, deployment and configuration: all you need to do is add the package to the contract, and our experts will do the rest.
• Use a security solution for endpoints, such as Kaspersky Endpoint Security for Business or Cloud-Based Endpoint Security, to minimize the chances of infection.
• Have a comprehensive defensive concept that equips, informs and guides your team in their fight against the most sophisticated and targeted cyberattacks like Kaspersky Extended Detection and Response (XDR) platform.

For local SMBs, Kaspersky in Southeast Asia also has launched a Buy 1 Free 1 promo which allows businesses to enjoy two years of enterprise-grade endpoint protection for the price of 1 with Kaspersky Endpoint Security for Business or Cloud or Kaspersky Endpoint Detection and Response Optimum, with 24×7 phone support. Interested customers can reach out to sea.sales@kaspersky.com. 

To know more about Kaspersky’s latest SMB threat report, visit https://securelist.com/smb-threat-report-2023/110097/.

About Kaspersky 

Kaspersky is a global cybersecurity and digital privacy company founded in 1997. Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection, specialized security products and services, as well as Cyber Immune solutions to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky technologies, and we help over 220,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.