Cybersecurity, both in private companies and in public administrations, is a fundamental element for the proper functioning of systems and the protection of confidential information and data.
Due to the current growth of cyberattacks, both state and European entities have created a series of measures to curb and reduce cyberattacks on companies.
In this article, you will be able to know the importance of cybersecurity in SMEs, large companies, and public administrations along with the most common threats in each of them.
Cybersecurity in SMEs
These types of companies are usually the most vulnerable when it comes to cyberattacks due to the great scarcity of resources they have, since they do not believe it is necessary to invest in cybersecurity.
According to several data from the National Institute of Cybersecurity, a cyberattack would mean a total of € 35,000 approximately to the SME that suffers it. In addition, 60% of SMEs that are victims of a cyberattack tend to disappear six months after it due to the large breach it causes.
Some of the most common cyberattacks in small and medium-sized businesses are:
- Impersonations of senior managers: hackers buy domains very similar to those of the company, in this way they are able to send emails to impersonate someone of this.
- Microsoft Service Fraud: This type of cyberattack begins when a supposed Member of Microsoft Support calls a company phone and assures you that there is a problem with your computer and that you must make a series of changes to the system.
- Adware: these are attacks that infect computer equipment and display unwanted advertising in applications.
- Attacks on the website: cybercriminals locate the vulnerabilities of the websites of companies. SMEs do not have such advanced and secure systems to create and protect their website so this type of cyberattacks are usually the most common in this type of company.
- Ransomware: it is a software that is responsible for stealing information from companies. It consists of encrypting files so that they are inaccessible.
- Phishing: is another of the most common methods to steal information by impersonating different identities. These types of cyberattacks take place via email.
- Information leaks: This usually occurs when large numbers of employees have access to sensitive information which should only be accessible to a very limited number of people.
As we can see, there are numerous types of cyberattacks completely aimed at small and medium-sized companies due to the low investment in cybersecurity, which makes them an easy target for cybercriminals.
Cybersecurity in Large Companies
According to several Kaspersky Lab studies on cybersecurity, they show that large companies only invest 22% of the total budget in IT.
In order to stop any cyberattack it is necessary to know which are the most common cyberattacks in large companies:
- Ransomware: These types of attacks are just as common in large companies as they are in SMEs. These cyberattacks usually require a ransom for the recovery of that stolen information.
- Malware: locates flaws in the system to obtain confidential information.
- Cryptocurrencies: with the appearance of bitcoin, cyberattacks have increased in this type of company due to the creation of cryptocurrencies. Some users use malware to infiltrate other computers and thus use cryptocurrencies.
One of the best-known cyberattacks on large companies is that of the “WannaCry” ransomware against Telefónica. This blocked access to all types of data which caused the mobile phone company to lose more than 3,500 million euros to recover all the information.
Cybersecurity in public administration
It is quite common to hear news of new cyberattacks in the public administration and not be able to carry out any type of public procedure because the system has fallen.
That is why in 2010 the National Security Scheme was created, where the minimum cybersecurity requirements that public administrations must meet to guarantee the security of their data and systems were established.
Last year there were numerous cyberattacks among which it is worth highlighting the ransomware attack of June 9 to the Ministry of Labor and Social Economy, where the consequences were quite serious both in the economic and operational field.
This attack meant that more than 5,500 employees of the public administration could not attend their jobs and use their computers for more than 15 days, leaving the service to the public to be suspended.
Some of the most common attacks on these entities are:
- DoS or DDoS attack: it consists of saturating calls or requests to a website until the service stops working.
- Ransomware: they are usually the cyberattacks that most affect the public sector and as in SMEs and large companies infect the entire system causing a collapse in it.
- Theft of information: the main objective is extortion so as not to publish information about citizens or the entity itself. The sale of information is also possible. At the moment this has been carried out more in private companies than in public ones, but it is a threat that must be taken into account.
Cybersecurity as a business necessity
To avoid suffering a cyberattack, whether you are a private or public company and regardless of the size of your company, it is necessary to have cybersecurity solutions that fit the needs of each organization.
Once the main cyberattacks in each entity are known, it is time to put a stop to this and avoid being a victim of any of them.
CENTUM Digital and its cybersecurity solutions
At CENTUM Digital we are experts in cybersecurity solutions, and we have a wide range of services completely adaptable to any company or entity.
One of our solutions is regulatory compliance through which we help you identify the norms and standards that your sector requires.
