Singapore sees a threefold increase in cyberattacks against SMBs, with 453 attacks targeted at this type of businesses in 1H2023 compared to 112 in the same period last year, said Kaspersky recently.
In 1H 2023, SMB employees here encountered malware or unwanted software disguised as business applications with about 50 unique files being distributed in the time period while there were only 24 unique files being distributed in the same period of last year in Singapore, the firm noted.
The SMB Threat Statistics from the Kaspersky Network Security (KSN) telemetry gathered figures from six countries in Southeast Asia, according to Kaspersky, adding that KSN is a system for processing anonymised cyberthreat-related data shared voluntarily by Kaspersky users.
This finding is aligned with the findings of both the Cybersecurity Agency (CSA) and the Singapore Police Force, where in the last quarter, issued joint advisories on Malware Scams, Malicious QR codes and protecting against Malicious Wireless and Wired Connections, the firm said.
“SMBs continue to be the core of Singapore’s economy,” said Yeo Siang Tiong, General Manager of Southeast Asia at Kaspersky. “As businesses focus on wrapping up projects for this fiscal year and begin planning for the year ahead, it is prudent to ensure that the good habits that are in place continue to be upheld and to ensure the appropriate infrastructure and additional safety nets are put in place as we enter the final fiscal lap for the year.”
Kaspersky said SMBs can safeguard their organisations with the following tips.
- Provide staff with basic cybersecurity hygiene training. Conduct a simulated phishing attack to ensure that they know how to recognise phishing e-mails.
- Set up a policy to control access to corporate assets, such as e-mail boxes, shared folders and online documents. Keep it up to date and remove access if the employee has left the company or no longer needs the data.
- Use cloud access security broker software that can help manage and monitor employees’ cloud activity and enforce security policies.
- Make regular backups of essential data to ensure that corporate information stays safe in an emergency.
- Provide clear guidelines on the use of external services and resources. Employees should know which tools they should or should not use and why. Any new work software should go through a clearly outlined approval process by IT and other responsible roles.
- Encourage employees to create strong passwords for all digital services they use and to protect accounts with multi-factor authentication wherever applicable.
- Use professional services to help you get the most out of your cybersecurity resources.
- Use a security solution for endpoints
- Have a comprehensive defensive concept that equips, informs and guides your team in their fight against the most sophisticated and targeted cyberattacks