A new virus has just been identified that is specifically targeted at small and medium-sized businesses (SMBs) in the UK. This attack is initiated as a highly targeted phishing email that purports to be tickets to a theatre performance of Peter Pan. Attached to the email is the “ticket”, which is actually a malicious payload. Once opened the payload installs malware that spiders out across all devices on the same network, replicating itself and collecting user names, passwords and other sensitive information from the infected devices. The compromised information is then sent to a command server in Eastern Europe.
Why is this attack targeted at SMBs? Although we don’t know for sure without speaking with the cyber-criminals behind this attack, it is a pretty safe bet that the criminals view SMBs as a soft target. The threat landscape is becoming more challenging by the day; the volume of intrusions is increasing, and attacks are becoming more sophisticated and targeted. We tend to think of cyber-threats as a phenomenon that affects large enterprises and government entities: organizations that have the capabilities, staff and resources to buy the latest security products and figure out how to get them to work together. The reality, however, is that SMBs are faced with exactly the same cyber security challenges as their larger brethren, but don’t have the budgets or manpower to adequately address the threat. The cyber-criminals know this and have turned their attention to attacking these less-defended targets.