An overarching theme of the report reveals that SMBs around the world (and particularly in North America) believe they are too small and pose too little value to hackers to be worth their time, but recent trends in hacker and cybercrime activity reveal that’s just not the case.

In reality, SMBs’ limited resources, inadequate security, and lack of technical expertise make them more vulnerable to cyber attack, and hackers are taking notice.

Jeff Green, Senior VP of McAfee Avert Labs confirmed, “High profile attacks [on larger enterprises] are becoming less frequent because they are often detected quickly. Attackers are favoring stealth attacks that quietly infiltrate systems [of small and medium businesses].”

To change this trend, small and medium-sized organizations will need to make significant shifts in their fundamental values and budgetary allocations.

Today:

• 52% of SMBs believe they are not well known enough to be a target for cybercrime
• 46% believe hackers could not make any money by accessing their information
• 45% of SMBs think they hold little value to hackers
• 44% believe cyber crime is an issue for larger organizations
• 35% of SMBs are not concerned about being a target of cybercrime
• 34% don’t think their information has value outside the organization

As a result, an alarming number (74%) of  SMBs allocate three hours or less each week to IT security, and half of all SMBs surveyed feel adequately protected by default settings on the IT equipment. The effects of these lax standards are dire resulting in stolen data, downtime, decreased productivity, non-compliance, lost sales, and a tarnished reputation.

Businesses in this space typically experience a week of downtime trying to recover from a cyber attack, and real, out of pocket costs hover around $41,000 per incident.

So what’s a small business to do?

“Get ahead of the hackers. Take every step you can to prevent security breaches by partnering with organizations that specialize in security for small business,” advises FireHost Founder and CEO, Chris Drake. “We provide resources and expertise required to do business securely online, and FireHost helps SMBs achieve higher security levels for less money than they might spend taking on the challenge alone.”

Cyber Criminal Technique #1: War Driving

War driving means “cruising” for WiFi signals. Once detected, cybercriminals use FREE password-breaking software to intercept the signal broadcasting from any home or business.

Monitoring WiFi networks over time, cyberthieves can establish a virtual private network and connect directly to a server or database.

Cyber Criminal Technique #2: SQL Injection

SQL injections are a popular way for cybercriminals to get inside “protected networks”. In a SQL injection attack, the hacker types random characters into a web form, such as a log in page. The attack may be carried out manually or using a robot to penetrate the form. Once inside, hackers can gain access to databases containing sensitive, personal information.

War driving and SQL injection attacks are the means to a cyber criminal’s end. Once the target server is breached, he or she implants a “sniffer” program. (Sniffers are widely available for free, and they are capable of logging all traffic moving across a network). Savvy hackers have devised and sell sniffers designed specifically to detect and record credit and debit card information.

Wade Baker, Verizon Business’ principal researcher told USA Today, it takes five to six months (on average) before companies detect cybercrimes of this nature. In the vast majority of cases he has researched, cyberthieves spent days after the initial breach to locate databases with the most valuable information, then methodically extracted the sensitive data for weeks or years before being detected. He warns, “Many organizations right now have breaches they don’t know about and won’t discover for some time to come.”

The Identity Theft Resource Center (ITRC) has investigated about 400 incidents consisting of over 220 million exposed records so far this year. The list of victims proves that lengthy and destructive breaches are not reserved for global enterprise. SMBs, particularly businesses that provide retail, financial, and healthcare services are prime targets.

“The highly available and free nature of the tools necessary to carry out war driving and SQL injection attacks means novice hackers are capable of producing devastating breaches. Achieving PCI Compliance and partnering with a hosting partner that provides security will help prevent you from making the ITRC’s list,” advises Chris Drake, CEO and Founder of FireHost.

A lack of threat awareness is not the problem. The study shows that almost all businesses in this category have installed anti-virus programs and kept security systems up to date, but a large number of SMBs still become victims of cyber crimes. When disaster strikes, viruses (41%) followed by spyware (26%) are most often the cause.

In a conversation with SC Magazine, Luis Corrons, PandaLabs technical director suggested, “these companies often lack the in-house staff and resources to fight off increasingly sophisticated and exponentially more targeted Internet attacks.”

The study’s results support Mr. Corrons claim that SMBs are not or able (or willing) to allocate the appropriate resources to close vulnerabilities and properly secure their environment.

• 52% of survey respondents have no web filtering solution
• 39% are untrained/unaware of IT threats
• 29% have no anti-spam solution
• 22% are without anti-spyware technology
• 16% do not have a firewall

So what should small and medium size business owners do?

Network vulnerability scans provide extremely high value. A thorough scan of your website(s), database(s), and application(s) can identify disasters waiting to happen. With a starting pricepoint around $100 each, vulnerability scans provide SMBs an affordable way to identify open ports, SQL injections, cross-site scripting (XSS) attempts, holes in JavaScript and web forms, and much more.

Steve Hawkins, Raytheon’s VP of Information Security Solutions, told FoxNews.com that there are more than 30 different job descriptions available, and applicants must pass the most stringent security clearances. Qualified individuals must understand computer systems and have a handle on the interaction between hardware and software down to the nitty-gritty. Additionally, applicants should know how the adversary [ cybercriminals ] thinks and adopt their perspective, but in an ethical way.

Raytheon isn’t alone in the movement to beef up the US cyber army. The Center for Strategic and International Studies recently kicked off a nationwide talent search for high school and college students to encourage cybersecurity as a career path.

Aptly named, the US Cyber Challenge has set out to find 10,000 young Americans interested in becoming cyber guardians and cyber warriors. The program will nurture and develop participants’ skills and provide access to advanced education.

“We’re glad to see online security become a public concern. These competitions and recruitment activities reinforce our core belief that everyone is entitled to maintain an identity online without the threat of being hacked or defaced. Having more qualified individuals working to make the internet safer is only going to make our secure hosting services more effective,” states FireHost CEO, Chris Drake.

There are four million British identities for sale according to a weekend story from the UK’s Times Online. The compromised data contains highly sensitive, personal financial information like credit card details, bank account numbers, and PIN’s, and it’s all available to the highest bidder.

You may be wondering how such a large bounty of confidential information was collected, and what organization is responsible for the massive data breach. The startling answer is that no one is directly responsible for the leak; it appears everyday email users like you divulged their digits to these hackers.

“Most of the personal data has been gathered as a result of phishing. Unsuspecting victims hand over the information by e-mail to people posing as reputable sources such as banks or online stores. Other data has been stolen after criminals infect a person’s personal computer with viruses and then raid it for information,” the story states.

The truth is, you are the key component in protecting yourself from phishing attempts. Being smart, web savvy, and even leery about requests for personal information that show up in your inbox can help keep you protected.

In addition, there are sophisticated, spam-protection applications and appliances that can eliminate the bulk of the work for you by “sniffing out” phishy emails and preventing them from reaching your inbox.

The benefits of spam protection are two fold. Flagging and quarantining potentially dangerous email will make checking your email a more pleasant experience, and removing spam from your inbox can reduce the potential for having your identity ruined.

To learn more about FireHost’s unrivaled spam protection and other online security services, visit our secure web hosting add-ons page.

“In 2009, we see three key trends that could impact IT security – a continued explosion of new malware variants, advanced web threats, and an uptick in threats related to social networking sites.” Mr. Salem reinforced that “cybercriminals are more sophisticated and driven than ever, and they operate in an increasingly profitable underground economy that makes it easy for them to not only buy and sell stolen information such as credit card data or even identities.”

Data from Symantec’s Global Intelligence Network indicates we have reached the point where there are more malicious programs created than legitimate programs every day, and that cyber attackers leverage vulnerabilities fueled by application code. Hackers compromise specific (often open source) websites, and then use them as a means for launching other attacks across the internet.

Hosting websites in a secure environment helps prevent malicious hackers from breaching files and applications and stealing confidential information, but you can to more to protect your identity. Partnering with a web host who also has expertise in website security is critical. FireHost’s team of security engineers works directly with clients to help identify and close vulnerabilities in programming and design that hackers can use to exploit your company.

To learn more about how we help remedy JavaScript and open source vulnerabilities, visit our Services page.

An article on FoxNews.com revealed the most recent committee member to be Jeff Moss, aka Dark Tangent. Mr. Moss is widely recognized as founder of the DefCon and Black Hat hackers’ conferences. He has worked in information security for accounting giant Ernst & Young and presently works as an independent cybersecurity consultant for a variety of corporations.

Mr. Moss looks forward to bringing  “a skeptical outsider’s view” to the HSAC, but admits he was surprised by President Obama’s invitation to join the council stating, “I always figured that because of my associations in the past that I would be kind of out of the running for anything like this.”

The US’ strategy of inviting hackers to join governmental agencies is not unique. Britain is taking a precautionary stance on cyber warfare as well by hiring former computer hackers to join a newly formed security unit aimed at protecting cyberspace from foreign spies, thieves, and terrorists.

The cyber security prevention unit will be based at Britain’s Government Communications HQ (GCHQ) in Cheltenham, western England. Britain’s Security Minister, Lord Admiral Alan West said British government systems have probably come under cyber attack, but that he did not know of any specific cases where sensitive data had been lost.

Private organizations, individuals, and corporations should take a proactive stance on cyber crime and identity theft as well.

Chris Drake, FireHost’s Chief Executive Officer recommends every individual and professional organization maintaining a presence online to align themselves with experts in web site security. Speaking from experience he states, “You can prevent negative press, unnecessary expense, downtime and a ton of headache by identifying and resolving website security risks before problems strike.”

Read more about how FireHost can help identify vulnerabilities in your web site by visiting our Website Security Consulting services page.

Each of the twenty hacker activity hubs named in the report was evaluated based on the following criteria:

• Quantity of malicious code
• Presence of spam zombies
• Number of websites that host phishing operations
• Quantity of bot-infected computers
• Attack origin

Symantec compiled and classified the data used to categorize the top cybercrime origins. Their research revealed that countries with a dense concentration of high-speed internet connections are most susceptible because of the constant system connectivity. This was a key factor contributing to the United States’ high rank as a cyber criminal target.

The prevalence of malware and malicious code on our domestic soil should prompt every individual and business that maintains a website (especially a commercial website) to become familiar with basic online security.

You can expand your cyber security knowledge base by visiting  FireHost’s Security Center. We have an extensive list of website security resources, a thorough glossary of common terminology, and up-to-the minute industry news.

The Nine-Ball attack is deployed when a user visits a legitimate website that has been infected with the malicious code. From the legitimate website, unsuspecting users are redirected behind the scenes through a series of different sites owned by the Nine-Ball’s hackers.

The diagram below depicts a typical url progression that happens behind the scenes during a Nine-Ball deployment.

Nine-Ball Progresstion

When an infected site is visited for the first time, the user is directed to the ninetoraq.in exploit payload site where the visitor’s IP address is recorded and the trojan download is installed.

If a user on the same IP visits the legitimate website again, he or she is directed to the benign site of ask.com. Security experts speculate that the Nine-Ball hackers are using a benign destination url to throw cyber security investigators and cyber crime analysts off track.

The scary part is that most antivirus applications will not detect Nine-Ball’s malicious code. Websense experts report, that “the exploit is detected by only three of the 41 most commonly used AV programs.”