Top 10 cyber threats for SMBs

As an owner of a small or medium-sized business (SMB), you are unfortunately a prime target for cyberattacks and face a significant risk of being compromised. Recent studies highlight the growing cybersecurity challenges for SMBs, with one estimating that 44% of cyberattacks specifically target them (1). Despite these alarming statistics, many SMBs underestimate or even ignore the cyber risks they face. This misconception, coupled with often limited cybersecurity resources, leaves them vulnerable to a wide range of threats.

While large corporations dominate headlines when they fall victim to cyberattacks, SMBs face unique and potentially more devastating consequences. Unlike larger organizations, SMBs often struggle to recover from an attack, making it critical to raise awareness about their cybersecurity challenges.

In this article, we’ll explore the most common types of attacks SMBs encounter. By understanding these threats, you can take proactive steps to better protect your business. 

I) The most common cyberattacks against SMBs

The following attacks are the most commonly used to target SMBs, according to our research. These are considered big threats in the cybersecurity space, no matter the size of the company, but are easier to use against SMBs due to their limited cybersecurity resources and knowledge.

1) Phishing

Phishing attacks are the biggest threat to your SMB. Fraudulent e-mails or SMS messages are sent to employees by senders pretending to be someone in your company, a partner or an important institution. Through phishing attacks, threat actors try to obtain sensitive information and data about your business.

You have probably already dealt with phishing attempts. On average, a company spends 27.5 minutes dealing with one phishing e-mail, at a cost of $31.32 per e-mail (2).

2) Ransomware

Ransomware comes a close second. It is malicious software designed to extort money from your SMB. It can reach your IT infrastructure in many different ways: phishing attempts, malicious websites or ads, infected software downloads… Once it is downloaded, you will, for example, be locked out of your computers or lose access to some files. To restore access, threat actors will ask you to pay a ransom.

There are many infamous examples of SMBs having to close following a ransomware attack. Even a medium-sized business of 300 people went out of business a few months after a ransomware attack, unable to get back on its feet (3).

3) Malware (including viruses)

Malware is the most commonly known cyber risk. It includes viruses, worms, trojans, spyware and adware. While we covered ransomware in a separate section, as it is one of the biggest threats for SMBs, malware in general is a huge threat to your business. Depending on its type, malware can, for example, compromise the security of your IT systems and disrupt operations.

4) DDoS attacks

The goal of Distributed Denial of Service attacks (DDoS attacks) is to put a targeted website, server, or network out of operation. In a DDoS attack, a multitude of compromised systems simultaneously attack a chosen target. Due to the high number of requests, these attacks are particularly effective, causing the target to function abnormally, either by becoming extremely slow or, in the worst cases, collapsing entirely.

A DDoS attack can be especially damaging and expensive for SMBs. A recent study showed that one DDoS attack costs, on average, $120,000 for an SMB (4).

5) Botnets

A bot is a compromised device or system, remotely controlled by an attacker. When several computer systems are infected, they form a botnet. Laptops and conventional computers, as well as any device with internet access or connected to a compromised network, can be part of a botnet. The goal here is to use the compromised devices to carry out malicious activities such as DDoS attacks, sending spam e-mails, spreading malware…

II) Mistakes leading to cybersecurity breaches

Cyberattacks are, of course, the biggest risk for your SMB. But the reality is that these attacks are facilitated by your choice of cybersecurity strategy and the way it is managed day to day.

1) Unmanaged vulnerabilities

Unmanaged vulnerabilities are any security weaknesses that arise from improperly managed cybersecurity tools and neglected protection measures. This includes any lack of updates in systems or software, outdated software, improper configurations of cybersecurity tools, and unpatched vulnerabilities. Unmanaged vulnerabilities usually happen because of limited resources or a lack of cybersecurity staff and are an easy way for threat actors to gain access to SMBs. 

2) Weak passwords

Weak passwords are a common and important vulnerability. The need for a complex password to protect your IT infrastructure is well known to the public, yet this remains a significant weakness in cybersecurity, especially if no IT team supervises the organization's cybersecurity strategy. A weak password is a simple vulnerability for cyber threat actors to exploit.

3) Insider threats

Insider threats are considered to be one of the biggest risks for your SMB, on par with threats like phishing attacks or ransomware. Current or former employees, third-party actors such as business partners or contractors: anyone who has access to your company's sensitive data can take it in order to misuse it.

SMBs are particularly susceptible to this type of threat. They tend to use traditional cybersecurity tools that often fail to analyze human behavior. 

4) Human errors

Human errors occur and are, unfortunately, a major weakness in organizations' cybersecurity. While mistakes can, of course, happen to anybody, the current trend among cyber threat actors is to create situations that lead employees to make mistakes. This is called social engineering, and the most common examples are the phishing attacks previously covered in this article.

5) Mobile devices

Smartphones and other mobile devices are usually the forgotten part of organizations' cybersecurity strategies. And this isn't only the case for SMBs. Unprotected mobile devices create an easy way into a company and its infrastructure. They store a considerable amount of data about the company and are frequently used in public places with unsecured Wi-Fi. The protection of mobile devices can lead to a big competitive advantage for companies.

III) How do you handle the cybersecurity of your SMB?

Being aware of the cybersecurity risks your SMB is facing is the first step toward building a robust and proactive cybersecurity strategy. To avoid the internal mistakes mentioned above, which create vulnerabilities in your company and thus facilitate attacks, you can adopt simple habits, such as employee training on handling phishing attempts or processes to secure your data.

Having someone in charge of your company’s cybersecurity is, of course, the safest option. But cost-effective cybersecurity solutions exist to prevent attacks from happening. An EDR, like our EDR OPTIMUS, will protect you against all the threats seen in this article: phishing attempts, ransomware, DDoS attacks… It will even help prevent insider threats thanks to its capacity to detect unusual behavior in your systems. And it doesn’t need a big cybersecurity team to be used.

Additionally, a solution like TEHTRIS MTD protects your smartphones (and all your mobile devices) against threats specifically designed to target them. As mentioned before: in this day and age, a cybersecurity strategy is a competitive advantage. Reducing the risks of having to shut down a company because of an attack will set you apart from most SMBs that won’t take these measures.


(1) https://www.stelliant.com/actualites/besse-stelliant-etude-cyber/

(2) https://20641927.fs1.hubspotusercontent-na1.net/hubfs/20641927/Site%20Assets/Resources/Whitepapers/Whitepaper-Osterman-Research-The-Business-Cost-of-Phishing.pdf

(3) https://www.zdnet.com/article/company-shuts-down-because-of-ransomware-leaves-300-without-jobs-just-before-holidays/

(4) https://www.techinsurance.com/resources/ddos-small-business-costs