IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Mid-sized businesses on hackers’ 2022 hit list, cyber agencies warn

Cyber criminals are "shifting away from big-game hunting", say FBI and NCSC

Mid-sized businesses are now the main target of ransomware gangs, with hackers seeking to avoid the public scrutiny that comes with going after high-profile public services or well-known brands.

The National Cyber Security Centre (NCSC), alongside its US and Australian counterparts, said criminals are no longer engaging in the sort of "big-game hunting" that have resulted in world-wide press coverage in recent years, as outlined in a joint advisory published on Wednesday.

The FBI have observed that attacks on Colonial Pipeline, JBS Foods, and Kaseya in 2021 in particular, led to a noticeable shift in behaviour.

“Big-game” attacks had also been observed in Australia and the UK over the course of the year, with the NCSC describing the top victims of 2021 as “businesses, charities, the legal profession, and public services in the Education, Local Government, and Health Sectors”.

However, hackers are now opting to target mid-sized organisations in an effort to reduce public – and often international – scrutiny, the report found. It comes after a recent Mitre-Harris Poll survey found that almost nine in ten Americans believe that a ransomware attack should be treated as an act of terrorism, which could potentially lead to increased chances of the involvement of law enforcement.

Using cyber criminal services-for-hire has become a popular tactic among hackers, alongside phishing emails and the exploitation of remote desktop protocols (RDP) as well as software vulnerabilities.

The agencies are urging organisations to keep all operating systems and software up to date, to secure and monitor RDPs, and increase their use of multi-factor authentication (MFA) – a protection method which is known to reduce account breaches by 50%.

Staff should also be adequately prepared for potential attacks with the help of user training programmes and phishing exercises, the advisory warned.

Related Resource

Vulnerability and patch management

Keep known vulnerabilities out of your IT infrastructure

Whitepaper cover with dark red smoke-like graphic on black backgroundFree Download

The shift away from high-profile targets has been predicted by a number of cyber security researchers following the Colonial Pipeline attack. In July 2021, Quest senior director of product management Paul Robichaux told IT Pro that "ransomware gangs that attract too much attention by attacking the wrong targets are going to bring the heat on themselves and get put out of business through law enforcement activity".

Hence, the "smarter" hackers "will pick their targets more carefully, both by industry and by geography".

“The smartest will focus only on territories where there is unlikely to be any meaningful law enforcement or intelligence community response and focus all their activity there," he added.

Featured Resources

Activation playbook: Deliver data that powers impactful, game-changing campaigns

Bringing together data and technology to drive better business outcomes

Free Download

In unpredictable times, a data strategy is key

Data processes are crucial to guide decisions and drive business growth

Free Download

Achieving resiliency with Everything-as-a-Service (XAAS)

Transforming the enterprise IT landscape

Free Download

What is contextual analytics?

Creating more customer value in HR software applications

Free Download

Recommended

Mastering endpoint security implementation
Security

Mastering endpoint security implementation

18 May 2022
The Total Economic Impact™ of Apple Mac in Enterprise: M1 update
Whitepaper

The Total Economic Impact™ of Apple Mac in Enterprise: M1 update

12 May 2022
Dell Technologies World 2022: Dell unveils fastest storage architecture in company history
Server & storage

Dell Technologies World 2022: Dell unveils fastest storage architecture in company history

4 May 2022
Dell Technologies World 2022: Dell unveils security offerings for major cloud providers
public cloud

Dell Technologies World 2022: Dell unveils security offerings for major cloud providers

3 May 2022

Most Popular

16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

13 May 2022
Preparing for the 3G sunset
Network & Internet

Preparing for the 3G sunset

18 May 2022
(ISC)2 launches free scheme to get 100,000 UK citizens into cyber security
Careers & training

(ISC)2 launches free scheme to get 100,000 UK citizens into cyber security

17 May 2022