Comparatively lower budgets for security gear and the lack of dedicated personnel to keep an eye out for the latest exploits mean that SMBs need to do what they can to avoid being snared in the web of "gatherers" (script kiddies who make use of hacking tools or malware written by others). In the same vein, a couple of security incidents hit the news recently that I felt perfectly exemplified the importance of a couple of security practices we've talked about in the past.
Using the same passwords for different sites
Corporations and entities have long spent large amounts of engineering resources and money working towards a utopian vision of single sign-on access to everything on the corporate network. The great irony, however, is that it has become increasingly evident that using the same password is an invitation for danger in our hyper-networked world. This point was just demonstrated last weekend when Gawker Media woke up to find that its empire of online sites, built using proprietary code, had been compromised.
Aside from the devastating release of the source code that powers its custom website, the more public slap across the face came as a result of the site's central password database having been compromised in the same infiltration. Some sites are having a field day sieving through the most popular insecure passwords in use ("24682468" and "password" apparently), though users in the habit of recycling the same passwords across more than one site will hardly be amused.
While it is not known if hackers were able to exploit the Gawker database to compromise accounts elsewhere, it makes sense to ensure that the same passwords are not used for different sites.
Keep up with security updates
As you can imagine, SMBs that have exercised due diligence in updating their software and have installed the latest security patches from Microsoft are unlikely to have been affected. Organizations that have failed to keep up with their security updates, on the other hand, were left dreadfully exposed. And because the malvertisements were essentially served via some of the largest ad networks in the world, infection could have taken place even if users exercised care to not visit suspicious sites.
So what is the key takeaway? Make sure that security updates are deployed sooner, not later.