• February 29, 2024
  • Catagory hardware

Old Routers, Email Impersonators Raise Security Stakes for SMBs

By : Justin Folkerts

The security stakes for SMBs are high enough already as smaller organizations must grapple with the same threat as large enterprises, including ransomware and malware that’s been augmented by artificial intelligence (AI).

These innovative threats can distract from the reality that other mundane vectors remain a serious threat to SMB security.

It may be working fine, but it’s not secure

On the hardware front, SMBs need to be wary of threat actors targeting old routers. Earlier this month, CRN reported that nation-state hackers from China were linked to an attack that compromised hundreds of small business and home routers. Just because you’re a small business, doesn’t mean you won’t be eyed by international hackers.

One of the reasons SMBs are considered worthwhile targets are because they’re often part of a broader supply chain connected to critical infrastructure. Compromised routers can be used together to form a botnet – such a malware-infected device can become a launchpad to attack other organizations.

What all these routers tend to have in common is that they are end-of-life (EOL) products – they may still be working fine but are no longer being supported by the vendor with firmware and security updates. Since it costs money to replace aging hardware, companies often continue to use old, unsupported routers which not only lack needed updates, but weren’t designed with the smarts to combat the latest security threats.

The CRN article notes that bad actors view SMBs as nothing more than an IP address, so as a supplier organization providing others that provide critical infrastructure, smaller firms can be high priority target.

Check your email carefully

Email has long been an attack surface for businesses of all sizes, but SMBs should be aware of hackers hijacking mailing lists of other business, including those of their email service provider.

A recent example reported by TechRadar involves provider SendGrid, which was exploited by attackers to access client mailing lists to send tailored, authentic looking emails asking recipients to activate multi-factor authentication (MFA) via a link in the email. Unsuspecting users who clicked on the link were sent to fake login landing page that harvested their credentials.

Making sure you use a reliable, reputable email service provider isn’t enough to protect your business communications infrastructure from bad actors, who are getting smarter all the time and better at mimicking real organizations.

What you can do

SMBs need to take equipment upgrades seriously – just because a router still works, doesn’t mean it is secure, so have a process in place to regularly review endpoints to verify they are still supported by vendors with updates.

As long as there’s email, there’s going to be email phishing scams, so it’s important to maintain cybersecurity training so that employees can spot phishing attempts, no matter how sophisticated.

If you’re an SMB that is struggling to keep on top of all the cybersecurity threats in a dynamic digital landscape, consider turning to a managed services provide who can help evaluate your hardware and support cybersecurity training for your team.