Small businesses targeted by cybercriminals on dark web

Today

A cybersecurity report by Guardz reveals a concerning trend whereby small businesses are increasingly targeted by cybercriminals on the dark web through Attack as a Service schemes.

The Guardz Research Unit (GRU) has highlighted widespread cybercriminal activity, notably aimed at small businesses such as legal and accounting firms. Cybercriminals are exploiting unpatched vulnerabilities, selling stolen credentials, and orchestrating ransomware attacks at alarmingly low prices. One dark web listing even offered administrative access to a U.S. law firm's network for USD $600.

According to Guardz, small businesses constitute 90% of all businesses and contribute 50% of the world's GDP, yet they frequently lack robust cybersecurity measures making them highly susceptible to cyberattacks. Cybercriminals are particularly drawn to small businesses for their valuable data, including financial records and personally identifiable information (PII). With Attack as a Service tools easily accessible on the dark web, small businesses have become attractive targets for hackers.

The GRU's investigation reveals various dark web "deals" where hackers offer exploitation of unpatched vulnerabilities, among others. Approximately 15% of listings analysed by Guardz involve access through long-known issues such as the EternalBlue flaw in the Windows Server Message Block protocol, which remains vulnerable on many devices globally since its disclosure in 2017.

Additionally, there is a significant trade in stolen credentials, with Remote Desktop Protocol (RDP) and Virtual Private Network (VPN) access to small business networks being sold. Admin-level RDP access for an accounting firm was auctioned for USD $1,800, while lower-level credentials sold at around USD $300. Such access enables cybercriminals to deploy ransomware, steal data, and engage in fraudulent activities.

Guardz has reported the increasing use of Ransomware as a Service, employing double extortion tactics where sensitive data is threatened with release if ransoms are not paid. The GRU cites a case where data from a family law firm was posted publicly on a dark web site, causing significant reputational harm. Cyber incidents like these lead to drastic operational disruptions, with 94% of ransomware victims experiencing notable downtime.

Dor Eisner, CEO and Co-Founder of Guardz, commented, "Cybercrime has become an industry of its own, and enterprises are no longer the sole or main targets; small businesses are its new favourite victims – whether they realise it or not. For just a few hundred dollars, hackers can gain and share access to company systems, hold data hostage, or disrupt operations, putting entire livelihoods and businesses at risk." He emphasised the importance of closing security gaps, promoting proactive threat detection, and enhancing employee awareness to protect operations and sustain client trust.

Guardz's research underscores the urgency for small businesses to strengthen cybersecurity practices by managing patches effectively, setting strong credential policies, employing multi-factor authentication, and ensuring secure backups of crucial data. Collaboration with trusted Managed Service Providers (MSPs) is also recommended to leverage their expertise in handling emerging threats.

The company remains committed to protecting small businesses with a unified, AI-powered platform providing comprehensive cybersecurity solutions through its MSP partners. Guardz's platform enables automated threat management across various digital components, helping small businesses manage their cybersecurity challenges effectively and mitigate risks.

Share on: