As Cyber Attacks Become More Prevalent, Here’s Why Your Small Business is at Risk

February 28, 2020

Small business owners are responsible for establishing and growing the business. This means they often wear more than one hat at any given time. While they are focused primarily on customers and revenue, they also serve as a jack of all trades when it comes to everything from HR to legal to marketing.

Because of that, a mistake many small businesses make is overlooking their security function. While many of the cybersecurity attacks and breaches we see across headlines happen at major enterprise organizations, the reality is cybercriminals don’t discriminate by size and the aftermath of an attack can devastate a small business.

In fact, cyberattacks on small businesses are more common than many think, with more than two-thirds (67 percent) of companies with fewer than 1,000 employees having experienced a cyberattack, and 58 percent having experienced a breach, according to a recent report.

The same report also found that 60 percent of small businesses could go out of business due to damages associated with a cyberattack.

So what exactly do cyber criminals want from a small business? Here are a few key motives:

Personal Data: If you can hack a large corporation, you can hack a small business. Cyber criminals understand small companies collect data that is easy to offload for a profit on the Dark Web, such as medical records, credit card information, Social Security numbers, bank account credentials or proprietary business information. In 2019, for example, a small medical practice in Michigan reported a ransomware attack that had encrypted their files, including patient records, appointment schedules and payment information. The two doctors who owned the business refused to pay a ransom to unlock their files, according to a published report. After the hackers deleted their files, the owners closed their doors.

Computing Power: Cyber hackers can also attack businesses through company’s computers and IoT devices, and recruit them into an army of bots to perform massive DDoS attacks. DDoS works by artificially generating enormous amounts of web traffic to disrupt service to a company or group of companies. The repercussions of a DDoS attack include an unreachable online platform, disruption to business operations, slow response times and more.

Links to the Big Fish: Today’s businesses are digitally connected to each other to complete transactions, manage supply chains and share information. Since larger companies presumably (although not necessarily) are tougher to penetrate, hackers target smaller partners as a way to get into the systems of large companies. This is what happened in the Target breach, which resulted in 40 million stolen credit and debit cards. If you recall, the thieves accessed the retail giant’s system through a smaller business, a third-party subcontractor that provides refrigeration and HVAC systems.

Cash, Pure and Simple: Cyber criminals typically attack for one primary reason - profit. This explains why ransomware is such a popular method of attack. Hackers often times succeed, generating revenue for attackers. And as long as an attack method proves lucrative, hackers will keep using it.

While enterprise organizations have entire teams devoted to handling cybersecurity, at many small businesses, those efforts are handled by someone who likely wears many other hats in the day-to-day operations of the business. In addition to the previously mentioned motives, that also makes small businesses particularly vulnerable to hackers.

To protect against the growing range of cyberthreats, businesses can leverage technology to deliver protection, scan for threats, secure the network and perform threat analysis. Fortunately, the technology security landscape is full of these types of solutions designed to help small businesses approach security more intelligently.

When businesses decide to ignore cybersecurity, they are taking a huge risk, not only for themselves, but their customers, partners and suppliers. For small businesses, it is imperative to develop a strong 360-degree cybersecurity strategy and implement measures to combat against costly threats such as malware, ransomware and bots.

Shena Seneca Tharnish is VP of Cybersecurity and Practices for Comcast Business Services. She joined after serving as SVP, Enterprise Network Infrastructure at PNC Bank for five years in Pittsburgh, PA, and as a senior leader at The Home Depot, Inc. for twelve years in Atlanta, GA. Shena has over 24 years of experience in Information Technology – leading and managing network engineering and application development services. Prior to joining The Home Depot, Tharnish worked as a network consultant with carriers MCI WorldCom and Concert Communications (BT/AT&T), designing wide area networks for businesses.

You must login or register in order to post a comment.

ON DEMAND: The insider threat—consisting of scores of different types of crimes and incidents—is a scourge even during the best of times. But the chaos, instability and desperation that characterize crises also catalyze both intentional and unwitting insider attacks. Learn how your workers, contractors, volunteers and partners are exploiting the dislocation caused by today's climate of Coronavirus, unemployment, disinformation and social unrest.

ON DEMAND: There's a lot at stake when it comes to cybersecurity. Reputation, productivity, quality. Join us to discuss the future of your global security strategy and a path forward with trusted partners Cisco and Rockwell Automation, and turn your Food & Bev security challenges into strategic advantages that drive business value.

As Cyber Attacks Become More Prevalent, Here’s Why Your Small Business is at Risk

Recent Articles by Shena Tharnish

Four ways to stop cybercriminals from capitalizing on your remote workers

The latest news and information

Content written for business-minded executives who manage enterprise risk and security

As Cyber Attacks Become More Prevalent, Here’s Why Your Small Business is at Risk

Recent Articles by Shena Tharnish

Related Articles

Report Abusive Comment

The latest news and information

Content written for business-minded executives who manage enterprise risk and security