One of the most notable cybersecurity developments from the US conflict with Iran is that nation-state actors have increased their targeting of small- to medium-sized businesses (SMBs) and mid-market organizations. This activity has increased because they recognize that smaller organizations often serve as entry points to larger supply chains and critical infrastructure. Apparently, large enterprises and governments are no longer the sole valued targets for these threat actors.<\/p>\n\n\n\n
Case in point, on April 7, 2026, the New Jersey Cybersecurity & Communications Integration Cell (NJCCIC) issued an email stating in part, \u201cthe Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Environmental Protection Agency (EPA), Department of Energy (DOE), and United States Cyber Command \u2013 Cyber National Mission Force (CNMF) released a Joint Cybersecurity Advisory urgently warning US organizations of ongoing cyber exploitation of internet-connected operational technology (OT) devices, including Rockwell Automation\/Allen-Bradley-manufactured programmable logic controllers (PLCs), across multiple US critical infrastructure sectors.\u201d<\/p>\n\n\n\n
Yes, that introductory paragraph contains a huge mouthful of agencies and acronyms. The key point is PLCs are used in small production lines for assembly, packing, and sorting. They are also frequently used in building automation and HVAC systems, as well as in warehouse inventory-tracking systems. In other words, in many places, some one or group with bad intentions could wreak havoc by corrupting the operations of multiple small businesses.<\/p>\n\n\n\n
In addition, bad bot traffic (software applications that run automated tasks with malicious intent) has surged to 37% of global internet traffic. Hackers don\u2019t pick targets individually any longer; automated bots generate tens of thousands of vulnerability scans per second as they relentlessly probe every possible website for signs of flaws. Basically, hackers don\u2019t need to target a specific small business. They scan everything online and hit whatever they can find that is vulnerable.<\/p>\n\n\n\n
I\u2019m bringing this up because there is one element that can help reduce some potential damage. The single highest-return security control \u2014 and the one most commonly skipped or ignored by SMBs is MFA (multifactor authentication). Because once credentials are stolen, MFA is the last line of defense. I\u2019ll admit, I have been complacent in implementing this feature for specific applications and clients, but that will soon change.<\/p>\n\n\n\n
However, even with that unique control in place, SMBs still incur financial losses. Cysurance, a leading cyber insurance provider, reports that 98% of its claims stem from Business Email Compromise (BEC) and funds transfer fraud \u2014 not ransomware, not data breaches, not advanced persistent threats. All an attacker must do is send a convincing email. The victim updates payment details, and money moves to an account it should never have reached. In many cases, no system was compromised, no credentials were stolen, and no malware was deployed. An employee was flat-out deceived.<\/p>\n\n\n\n
How can a small business owner overcome this? By implementing one rule: Any change to payment information must be verified by voice every single time \u2014 without exception. Not by email, not by chat, but by a phone call to a known number. The consequence of a staff member not following this rule is immediate termination. How\u2019s that for a no-cost solution to a grievous problem?<\/p>\n\n\n\n
Attackers are relentless. They will often target small businesses because, with the right approach, they can achieve disproportionately higher returns for relatively little effort. Modern ransomware operations are industrialized and supported vigorously by artificial intelligence.<\/p>\n\n\n\n
The \u201cwe\u2019re not interesting enough\u201d or \u201cwe\u2019re too small to be attacked\u201d mindset is just not true. It is operationally dangerous. That \u201chead in the sand\u201d approach justifies underinvestment and delays the implementation of security solutions that can make a difference in the business\u2019s survival.<\/p>\n\n\n\n
In a recent research paper, SonicWall wrote that a single breach at an SMB could exceed $4M when downtime and recovery are included. For many small business owners, that amount could be a matter of survival. And the cost of a breach far exceeds the cost of the security measures that could have prevented it.<\/p>\n\n\n\n
AI has fundamentally changed the speed and scale of cyberattacks, affecting everyone. Crowd\u001fStrike\u2019s recent Global Threat Report 2026 states there was an 89% increase in AI-enabled attacks in 2025 compared with 2024. Campaigns that once took weeks to prepare now take hours. Phishing emails that once required manual crafting are now generated, personalized, and localized at scale. Network reconnaissance that previously consumed attacker resources is largely automated.<\/p>\n\n\n\n
So, with this increasing threat level in mind, I plan to strengthen my security base throughout the rest of this year, starting with my own environment to ensure it is thoroughly protected. In addition, I will add to the existing stack I offer you (i.e., SentinelOne, Huntress, and Proofpoint) to thwart this ongoing onslaught against your businesses.<\/p>\n\n\n\n
Thanks, and safe computing!<\/p>\n","protected":false},"excerpt":{"rendered":"
One of the most notable cybersecurity developments from the US conflict with Iran is that nation-state actors have increased their targeting of small- to medium-sized businesses (SMBs) and mid-market organizations. This activity has increased because they recognize that smaller organizations often serve as entry points to larger supply chains and critical infrastructure. Apparently, large enterprises …<\/span> Read More →<\/span><\/a><\/span><\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[66,58,7,40],"tags":[],"class_list":["post-540","post","type-post","status-publish","format-standard","hentry","category-artificial-intelligence-ai","category-business","category-everyone","category-security"],"_links":{"self":[{"href":"https:\/\/www.heliotropicsystems.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/540","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.heliotropicsystems.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.heliotropicsystems.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.heliotropicsystems.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.heliotropicsystems.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=540"}],"version-history":[{"count":1,"href":"https:\/\/www.heliotropicsystems.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/540\/revisions"}],"predecessor-version":[{"id":541,"href":"https:\/\/www.heliotropicsystems.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/540\/revisions\/541"}],"wp:attachment":[{"href":"https:\/\/www.heliotropicsystems.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=540"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.heliotropicsystems.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=540"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.heliotropicsystems.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=540"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}