Nature of the error: A quarter of SMEs work with unprotected databases

A quarter of media outlets operate with an insecure database that attackers can access with merely violent passwords.

This is stated in a study by Tinkoff Business (Izvestia has it). The current situation threatens to leak user data and commercial information, experts say. According to them, more than half of the “leaks” of information fall on small companies. Opora Rossii stressed that developer services are expensive for small businesses. In recent years, however, SMEs have become increasingly concerned about systems security, as vulnerabilities threaten to tarnish their reputation and drive customers away from the company’s services.

Mal is attacked

Nearly half (46%) of small and medium-sized enterprises (SMEs) are exposed to cyber security threats. This is according to a study by Tinkoff Business (owned by Izvestia), which analyzed more than 40,000 websites and databases of small organizations. Consulting, retail and IT companies were hardest hit, accounting for 44% of all vulnerabilities.

Most often – in 33% of cases – SMEs make sector verification errors, the study says. This vulnerability allows a resource to be removed from its holder by falsifying data about it. In second place in terms of prevalence is an unprotected database (found in 27% of companies). Anyone can access it with just raw passwords. In this case, intruders can make life difficult in a number of ways: shutting down the database door, complicating the password, or enabling IP address filtering so that only business owners and trusted individuals can access it. to open the data, Tinkoff’s researchers noted.

“Third place – for SSL error Unknown issue (15%). The SSL security certificate in such resources belongs to another person, which means that the site is vulnerable to spyware attacks. Fourth place – for weak protection against ransomware (9 “‘s, which can encrypt the information so that it can not be used. The ransomware ports are closed by default, they open mainly due to surveillance,” the study said.

Of these threats, the most critical for users is database compromise, says Vladimir Ulyanov, head of the Zecurion think tank. Note that other errors can only affect indirectly: for example, encryption viruses are dangerous if they enter the user’s device, but not the victim’s network. Problems with the certificate can lead to inaccessibility of the site, which will affect the customer experience, the expert added.

– The criticality of a vulnerability is not determined by the size of the company, but by the characteristics of its business. For companies that have an online store or business card site, the risks are radically different. It is not right to generalize the threats just by the size of the companies. The degree of risk to users depends on the data collected by the company. It is important to rule out their surplus. Some people like to collect unnecessary data to get to know their client better, for example, gender, age and so on when registering. In practice, this does little. It irritates customers, leads to an increase in the number of denials of the transaction, – said Vladimir Ulyanov.

Problems with infrastructure protection, including the protection of data storage systems, are probably more dangerous, says Andrei Arsentiev, head of analytics and special projects at InfoWatch. He explained that if a company is not protected from intrusion, it is fraught with loss of customer loyalty, costs as a result of downtime during an attack, and the cost of eliminating the consequences of a cyber attack. There is also a need to attract expensive experts to conduct research and possible sanctions by regulators.

expensive and important

Accidental breaches related to database protection can also lead to serious consequences. If the storage space remains public due to incorrect settings and server configuration errors, then this is always fraught with breach of confidential data. Customer and employee personal data, trade secrets, source codes, etc. may fall into the hands of strangers. As a result, the company may lose market advantages, lose many promising developments, experience an outflow of customers. In developed countries, about 20% of customers leave if their data is leaked, said Andrey Arsentyev.

According to him, open databases are a problem that is more typical for small and medium enterprises. More than 60% of all known cases of leakage of confidential information from cloud services (Elasticsearch, Mongo DB, Amazon S3) are done by small and medium enterprises – companies with up to 500 jobs, the expert knows.

As a rule, companies from the SME sector that do not work in the IT sector either do not set budgets to ensure cybersecurity or leave minimal costs: for example, they hire a specialist who sets up the job once and then checks and informs the system every month, said the first vice-president of “Opora Rossii” Pavel Sigal. According to him, companies usually start spending money on protection after an intrusion and data leak.

Owners of companies that face extortion often need to turn to experts. Unfortunately, cyber security is underdeveloped in Russia and companies do not realize how important data protection is. First, the services of good and capable experts are very expensive and second, after the crisis, companies direct working capital mainly for the purchase of goods and current needs, said Pavel Siegal.

However, according to him, in recent years, small businesses have become more responsible for their own security and customer data – in the event of a leak, there is too much damage to reputation. This is especially dangerous in small cities, where the media have one or two outlets: information about problems is spread very quickly and customers and partners break off relations with the affected company, the expert explained.

The Ministry of Digital Development did not respond to Izvestia’s request to ensure the security of the companies’ websites by the SME department.

Leave a Comment