How Indian MSMEs Can Prevent Cyberattacks

A stupendous experienced Intrusion Analyst, Shomiron is developing threat detection systems for over a decade. He is a highly skilled in Intrusion Analysis, Therat Intelligence, SIEM, DDoS Defense Strategies, Intrusion Prevention, Incident Handling, Multi-layer Correlation and BigData.

The pandemic has sent ripples across the economy and businesses all around the globe. Amongst the most impacted are the small and medium scale businesses as they face a financial crunch. With work from home being the new norm, medium scale enterprises are experiencing a spurt in cyberattacks and ransomware attacks since the lockdown, while the business environment is turning mobile. The digitization of work processes has made businesses seamless with data available everywhere. 30% of MSMEs have launched either a website or an e-commerce functionality. However, this has also made MSMEs attractive to cybercriminals.

A recent case of a cyberattack is that of a ransomware named `Dharma' which is an RaaS (Ransomware as a Service). Buyers or affiliates of Dharma, target companies by depending on a menu-driven `PowerShell' script that installs and launches the components required to spread ransomware across the target network. After the execution of the master script, it identifies it-self as `Toolbox' and launches the attack with the message, `Have fun, bro!' Amid the pandemic, the ransom demands have reached an average of 6.4 lakhs. A report from Sophos says that 82% of Indian organizations were hit by ransomware in the last six months, which is a 15% rise from 2017. To rectify the impact of each ransomware, Indian enterprises incurred expenses of approximately Rs. 8.02 crore.

MSMEs play a pivotal role in the development of India as they con-tribute 29.7% to GDP and 49.66% to Indian Exports. Therefore, having a robust cybersecurity strategy is more crucial than ever, especially during such trying times.

Network firewalls are for monitoring communications between company computers and outside sources. If a company wishes to restrict certain websites and IP addresses, it can do so using a network firewall

Why do MSMEs fall prey to cyberat-tacks?
Cybercriminals target MSMEs with the following techniques of attacks-
• Ransomware
• Phishing emails
• Viruses

Cyberattackers are aware of the fact that MSMEs may not have a comprehensive security setup implemented with best practices. Also, to be efficient and agile in their functioning, MSMEs work with multiple third-party vendors and suppliers. They are the keepers of sensitive information but may not have the necessary cybersecurity measures to thwart an attack. A recent example is that of a famous delivery service provider, which suffered a data breach that leaked email addresses and phone numbers of its users. The attack happened as the servers of a third party that the delivery startup worked with were compromised.

Ways To Prevent Cyberattacks
As cyber assaults continue to exploit enterprises in the time of crisis, it's high time for MSMEs to review their existing cybersecurity strategy and boost its cyber resilience. Here are some ways ­

1. Implementing security log management system ­ A security log management system collects data from various sources, such as network devices, servers, domain controllers, etc. into one centralized location. The data collected from the sources is analysed to detect threats and abnormalities in user behaviour. This helps in identifying security breaches and enables the enterprise to investigate alerts.

2. Deploying Firewall Security ­ Deployment of firewalls restricts emails coming from malicious sources. There are two types of firewalls ­ network and host. Net-work firewalls are for monitoring communications between company computers and outside sources. If a company wishes to restrict certain websites and IP addresses, it can do so using a network firewall. Host-based firewalls are for devices that are network connected but not protected by a network firewall. They can be useful for homes with multiple computers sharing the same network.

3. Data Backups ­ It is wise for the enterprises safer to take backups of data in case of any cyber assault.

4. Employee Education - Many cyberattacks happen due to human error. It is necessary to educate employees about suspicious emails, data or access requests. MSMEs should create a company policy to mandate the usage of smart and complex passwords that are to be changed at an interval of three months. The passwords should not be the same across multiple platforms.

5. Making Payments Online ­ The pandemic has seen an upsurge of online payments. MSMEs should en-sure that those online transactions are carried by authorized persons only. An additional layer of security can be implemented by doing a cross-check with the bank about inward/outward transactions and verifying details with suppliers.

6. Virtual Private Network ­ Enterprises are adapting to working from home and stand a high chance of employees using unsecured networks. Using VPN connectivity adds a protective layer by encrypting the data transmitted from one device to another. Besides, only whitelisted IP addresses or device IDs should be allowed to access systems; this will restrict access to only authorized users.

In today's hyper-connected world, cybersecurity is a necessity, be it a large, medium, or small enterprise. MS-MEs may be more prone to cyberattacks as they typically have fewer resources dedicated to cybersecurity and the awareness of it. The implementation of robust cybersecurity measures will help MSMEs to be better prepared, take proactive actions to thwart cyberattacks, and stay ahead in their growth journey.