Date: 2024-07-17

Hoping for the best won’t keep your data safe. Small businesses must implement the tools and processes they need to defend against modern cyberattacks.

In many ways, technological innovation has been a boon to small businesses. New applications help entrepreneurs run more nimble and productive operations, and advances in artificial intelligence (AI) are accelerating their ambitions.

However, small businesses aren’t the only ones exploring new technologies. As they learn how to use innovative tools to their advantage, cybercriminals are doing the same, discovering how they can adopt new approaches to make their attacks faster, stealthier, and more effective.

The trend is quickly causing alarm among small businesses. Many entrepreneurs now view these incursions as an existential threat. A recent TechValidate survey by global cybersecurity leader CrowdStrike found 90 percent of small-business owners think they would be impacted by a cyberattack. One-third (33 percent) said they would “likely” or “definitely” go out of business if attacked.

“Artificial intelligence is changing the game, and we haven’t really seen the full impact yet,” says Tristan Morgan, managing director of security for BT Group, a British multinational telecommunications company that connects more than one million business customers around the world. “You need to treat this like you would your home security. You wouldn’t leave the doors open or the key in the lock, right? You have to take this seriously.”

Today’s threat actors are working harder to fly under the radar. Malware-free cyberattacks represented 75 percent of detections in 2023, up from 71 percent in 2022, the CrowdStrike 2024 Global Threat Report states. Let’s take a closer look at how this malware-free activity is evolving.

Seeking the keys to the kingdom

Threat actors have historically relied on file-based attacks to infiltrate networks. These attacks often involved phishing scams that deceived victims into downloading malicious files to their computer. In many cases, traditional antivirus software was able to effectively stop these threats by identifying and isolating them before any damage could occur.

Modern phishing attacks have evolved to become more subtle and effective. Today’s attackers more commonly use social engineering tactics to manipulate victims into handing over sensitive information such as financial data or legitimate log-in credentials from a company’s employees.

“A lot of the initial cybersecurity defenses were predicated on the signatures associated with malicious files,” says Raj Rajamani, head of products for CrowdStrike. “The shift [to identity-based attacks] has challenged many security vendors to do better.”

Identity-based attacks, in which a threat actor uses legitimate log-in credentials or other information instead of a malicious file to gain network access, are becoming increasingly prevalent. When an attacker has a set of valid credentials, they can often easily log in to a network and move laterally without triggering any alarms.

These attacks work in several ways. Most often, a threat actor sends a malicious link in an email or text message to direct employees to fraudulent sites to capture their log-in credentials. With these, the adversary can access a company’s most sensitive data. Traditional antivirus software, designed to detect downloadable files, is typically ineffective against identity-based attacks.

“They can walk right in with no files needed,” says Rajamani. “Multifactor authentication has become more popular, but MFA doesn’t prevent all attacks. You need to do a little more.”

Modern cybersecurity is up to the task. CrowdStrike, for example, helps keep companies safe by monitoring suspicious files or links and taking action before any real damage is done.

“What we generally do in those situations is we allow the script to start running, but we observe its behavior,” Rajamani explains. “Certain tasks have what we call a badness score based on what the script attempts to do. If it crosses a certain threshold of badness, we shut it down.”

New tools empower adversaries to innovate

Think you can recognize an incoming attack? Think again. With AI and machine learning at their disposal, threat actors can easily create legitimate-looking emails or texts that appear to come from trusted people and businesses.