Sure, certain cybercrimes net hackers millions of dollars in one swoop, but 70% of all cyber-attacks are targeting small businesses, and 1/3 of small business owners have no form of
So let’s understand what’s out there.cyber-security in place. Average attacks on small businesses cost owners nearly $40,000 outright – and that doesn’t factor in time needed to resume normal operations and any lost clients.
Social Engineering Attacks.
The infamous Nigerian Prince emails just got an upgrade!
Social engineering attacks - phishing emails, fake phone calls and text messages, honey pot websites, misleading social media accounts, and bogus URLs - are tricks utilized by cyber criminals to convince unsuspecting employees to provide sensitive information or unwarranted access to company servers. These attacks account for over 50% of all cybersecurity intrusions, yet only half of all companies conduct some sort of cybersecurity training.
What do social engineering attacks look like?
- Emails that appear to be from a legitimate organization that contain instructions to open a link.
- Emails designed to look like they were sent from within your own organization. Ex: TechSupport@yourorganization.com
- Emails from an unknown source that include harmful PDF attachments
What can your company do to prevent social engineering attacks?
- Train your employees! They only way a social engineering attack works is if your employee falls for it.
- Periodically test your employees by executing fake attacks
- Running virus and malware protection as a back-up safeguard
“Malware” refers to various forms of malicious software, like viruses and ransomware, that are meant to shut down components of a company’s operating system. Malware attacks are increasing at an exponential pace - In 2016 there were 638 million ransomware attacks, compared to only 3.8 million in 2015.
In March, hackers successfully executed a ransomware attack that shut down the city of Atlanta’s online systems for over six days. Court hearings were suspended, citizens were unable to make payments to the city, and government employees resorted to pens and paper documents for vital tasks.
If ransomware can pause a city’s government, it will paralyze your business. Anti-virus software and regular back-ups to external drives are great starters for securing your company’s data.
Third Party Vendors
The business-world is increasingly interdependent. Not only do companies need to enact cyber-security of their own, but they need to guarantee that their business partners are adequately prepared to deal with cyber-risks. In 2013, Target missed that memo. After granting system access to a third-party HVAC manufacturer, hackers stole Target’s credentials from the vendor and infiltrated Target’s system. The result – 60 million compromised credit card accounts and an $18.5 million payment by Target to rectify the breach. If your business partners don’t meet a high standard of cyber security you have two options: help them get there, or sever ties.
Cybercrime is the real deal and business owners and employees need to be prepared. We strongly recommend all businesses conduct honest assessments of where their company stands on cyber. If not, a cybercrime may be the reason your business doesn’t stand at all.