By: Jake Schulte, IT Manager
Small business owners are busy. They’re pros at wearing multiple hats at the same time and making it look good. While doing what they do best, often there’s not a lot of time for thinking about threats from the web.
Cybercriminals know this.
Additionally, many small business owners aren’t aware of the threats that exist, nor how those threats could cripple or shut down their business. Since they don’t know, keeping the electronic assets they depend on for the success of their business secure from cyber threats is left out of the budget.
Cybercriminals know this too and take advantage.
Since you can’t prepare for a risk you don’t know exists, here’s a breakdown of how cybercriminals find success targeting small businesses.
Criminals cast a net
Small business owners may assume they’re too small to be specifically targeted for attack. In some ways they’re right. Instead of targeting one small business, cybercriminals target millions by casting a wide net with scores of automated phishing emails.
Criminals know the vast majority of recipients will not fall prey, but they also know a small percentage of will fall for it and they can target those who do.
The net brings targets
Automated phishing nets a new set of targets the criminals know are vulnerable to hacking. Cybercriminals use this new information to escalate their targeting with more personalized efforts, known as spearfishing.
This type of attack could consist of emails that use the names of people in the organization. Recognizing the name as familiar, the spearfished target opens the file attachment, unleashing harmful malware designed to gather information from the computer.
The malware could install a keylogger to track and report every keystroke made by the user, exposing passwords and other sensitive info. Or the malware could take the form of ransomware, holding vital information hostage for payment.
Other nefarious possibilities from successful spearfishing are equally alarming.
It’s a widely used tactic. About 95% of all attacks on small businesses are the result of successful spearfishing.
Efficiency can make small businesses vulnerable
We hate to say it, but security and efficiency are often polar opposites. The drive to accomplish more in less time can create security holes.
For example, it may be efficient for memory’s sake to use the same password across multiple logins and accounts, but that puts each of those accounts and your entire system at risk. It may be convenient to keep the same login credentials for years on end, but that also increases security risk.
The solution for these risks is following security best practices with multiple layers of protection to guard against vulnerabilities.
Multi-layered security is the answer
A comprehensive security portfolio has multiple layers of protection to defend the business from all sides. From the outside in, here’s what might be included:
- Server and computer protection
- Best practice security policies
- Specific actions that protect systems
- Educated users
The reality is, every business is at risk from cybercrime. There’s no doubt technology improves business function, but it’s a tool that has to be protected and maintained.
At Networks Plus, we offer every layer of protection small businesses need to stay safe. Get in touch to keep your data–and your livelihood–secure.