In recent years, cyber criminals have had a harder time exploiting enterprises, who have advanced rapidly in terms of cyber security. Not to be deterred, the hackers have shifted their efforts to easier targets –small businesses.
Now, more non-enterprise businesses are under attack more than ever. In 2016, 61 percent of all cyberattacks affected small businesses, up from just 53 percent the previous year, according to a recent study by Verizon.
Unfortunately, many small business owners are in a state of denial about their vulnerability, which exacerbates the problem.
How Big of a Deal Is This?
Not only are the cyber attacks more frequent, but they are costlier. A recent study by cyber research firm Kapersky Lab found that the average cybersecurity attack on a small business will cost around $117,000.
However, hard numbers can understate the total financial and emotional impact of a cyber attack, which often plays out as a horror story for the business and its customers. For example,
• Imagine losing all customer billing accounts. This was the case when an Arkansas company was attacked by ransomware in 2017, but refused to pay up. Afterward, assailants encrypted 90,000 files in less than two minutes.
• Consider what mischief unrestricted access to a network might allow. A four-star Austrian hotel was hit by a ransomware attack in which the hackers took control of the door lock system and locked out guests until the ransom was paid.
• Think about explaining a cyber attack to customers. When WannaCry plunged the National Health Service of England into chaos in 2017, doctors were forced to simply tell patients “our hospital is down.”
The escalating threat has become a national security concern for the United States. In 2017, the House of Representatives passed the NIST Small Business Cybersecurity Act (c) which proposes that that the National Institute of Standards and Technology must establish cybersecurity guidelines for small businesses as well as federal agencies and enterprises.
What You’re Up Against
Identifying the threats is the first step in security. Here is what SMBs are up against, and how the threats are evolving:
- Malware applications are software written with the intent to harm. In 2017, there were 7.41 million malware specimens, an eight percent increase over 2016 levels.
- Viruses are malware that can spread themselves. Email has become the weapon of choice to spread viruses and malware.
- Exploits are vulnerabilities in systems that allow hackers to transmit malware or viruses on systems. Unfortunately, budget-friendly applications and systems that SMBs tend to use are also easier to exploit.
- Trojans are malware disguised as legitimate software. Software updates have become the primary vector for Trojans.
- Botnets are “zombie” robot networks that can use many computers in unison to carry out coordinated efforts like DDoS attacks. Expanding IoT and business networks are increasing the capability of botnets.
Most small business don’t like to think about cybersecurity, which makes them hot targets for hackers. To prevent a costly cyberattack, learn the threats and take precautions to protect your increasingly vulnerable business.