March 17, 2021

The number of reported cybersecurity incidents in Canada and around the world continues to grow. In addition, the Covid-19 pandemic and confinement have caused a big rise in attacks due to remote working and the consequences are becoming more and more severe (financial losses, operational disruptions or even damage to reputations).

The Canadian economy is mainly made up of SMBs (98%) with less than 100 employees. Most have little or no financial or human resources (technical expertise) to tackle the challenges caused by cyberattacks. They are therefore preferred targets because they would be easier to harm.

Unfortunately, securing their IT system is not a priority for the majority of SMBs, even if it is a major issue for their survival.

The cyber attacks that SMBs are most likely to experience are:

  • Ransomware: This means taking data hostage by encrypting it and then demanding a ransom for the key that will decrypt that data. This attack can come from attachments, a link to a trapped web page, a download, or even a USB key.
  • Malware: These programs perform operations without the user’s knowledge (stealing information, spreading or destruction of data, remote control, installation of encrypting viruses). They can come from attachments, a link to a trapped web page, a download, or via a USB key. They can also attack smartphones, tablets, and all connected objects.
  • Phishing: Phishing refers to any attempt to steal information. It is a social engineering method of scamming online by sending fake emails, imitating those of an institution or company and appearing to be from a trusted source. Users are thus encouraged to reveal confidential data such as their banking information. Many phishing emails, for example, claim to be from a bank and invite recipients to enter their credentials on a fake web page mimicking the bank’s website.
  • CEO or BEC fraud: This consists of usurping the identity of a real CEO, supplier, banker, to manipulate accounting in order to obtain a payment. The scam most often starts with a simple phone call or email. Fraudsters can be very persuasive and exert strong psychological pressure.  Do not underestimate them.
  • DDoS: A distributed denial-of-service (DDoS) attack uses a bot networks to send (botnets) a flood of requests in order to harm a specific website or server. To do this, the attacker will order all botnet agents to communicate repeatedly with a given website or server. This increase in traffic volume will saturate them with the aim of making a service unavailable, preventing legitimate users of a service from using it or disrupting connections between machines. In practice, an attack can block a file server, make it impossible to access a web server or prevent the distribution of emails in a company.

Not knowing where to start to improve their IT security, managers do … nothing.

Here are some simple steps you can take as quickly as possible to reduce the risks:

  • Choose complex passwords.
  • Regularly update applications and IT systems
  • Control access rights to the IT system
  • Perform regular data backups.
  • Secure access to the company’s internal Wi-Fi network
  • Secure your computer network using Firewall.
  • Make sure that all computers, but also tablets, smartphones and servers are protected by “security suites” including anti-virus, anti-phishing, and tools to encrypt data.
  • Have a system to protect company data in the event of theft of equipment: information contained on a stolen smartphone or computer can indeed be deleted remotely.
  • Employee awareness training in IT security
    • Be very careful in managing your emails (phishing, malware …)
    • Only download software from trusted sites
    • Etc.

Protecting yourself and your customers is no longer an alternative but an obligation.

You want powerful tools to protect your customers against cyber attacks? At ITCloud.ca, we offer you solutions from world leaders in cybersecurity:

  • Supervised backups with SBackup and MedicBackup
  • Antivirus, antimalware, and firewall with Bitdefender
  • Anti-spams with Spam & Malware
  • Productivity and Security with Microsoft 365 Business Premium / Microsoft 365 for Enterprise

If you need any assistance, please feel free to contact us at Partners@itcloud.ca