Italy is one of the countries most affected by hackers and the dangers for SMBs always come from ransomware, viruses and phishing attacks
The case of the latest and sensational cyber breach, by the WannaCry ransomware, a malware that encrypted more than 300 thousand computers, has uncovered a long-standing problem: companies and institutions continue to consider cybersecurity unimportant.
As seen with the WannaCry attack, which spread around the world in a matter of hours, all it takes is a simple vulnerability in devices used by businesses to get infected. Flaws that could have been corrected with an update. In Italy there are many problems that prevent companies, especially SMEs, from being sufficiently protected. The most obvious is the lack of a cybersecurity culture. Exactly as occurred a few years ago, when employees who knew how to use a computer could be counted on the fingers of one hand, today there are few who, instead, know the dangers that lurk on the Internet.
The 5 cyber threats that an SME must face
The first threat that a small and medium enterprise must face is the training of its employees. The company must start a computer literacy process that takes cybersecurity into consideration. An employee who is unable to block an attempted hacker attack risks compromising the company's production process and, in the most extreme cases, even its future. The careless opening of an email attachment is enough to allow hackers to attack the company. Staff preparation is more necessary than ever today, given the digitization initiated by companies. The entry of always-connected machines of the Internet of Things into the company exposes IT systems to greater risks.
And then there are the threats that come from the mobile devices that employees have. Smartphones and tablets, if hacked, allow hackers to access confidential files, which are often used to extort money from companies. Not to mention that, because they are networked, they can be used to disrupt the company's entire IT infrastructure.
Companies must fight three main threats: viruses, phishing and crypto-ransomware. The first one is often introduced into the company through an external device, for example through a USB stick, the other two, however, run on the Internet and are closely linked to each other.
Phishing is a computer scam technique that tries to make victims fall into a trap with the aim of stealing personal information. Usually the phishin attack starts with an email message: in the email there is a link that if opened directs victims to a fake site, identical to the original one, where they are asked to enter their data, such as their credit card.
The real scourge for companies is called ransomware, or ransomware virus. It is a type of malware that encrypts the data of affected machines and asks for a ransom payment in return. And there are many companies that, in order to have the decryption keys back, decide to pay.
In light of these considerations, the only way to reduce the risks of being hit by hackers is to invest more in IT security. And in Italy, at the moment, companies are spending very little money.