A useful reminder from Augi Woo – who runs a great IT business supporting businesses – noting that cyber criminals are targeting small business (like yours). No scaremongering, but worth considering for your systems into 2022.
—
Unfortunately, when it comes to cyber threats, no company is safe now — including your average run-of-the-mill small business. In short, if you use the internet in any sort of way, you’re a target for cybercriminals.
A lot of small businesses make the mistake of thinking that cyberattacks only happen to big businesses who have a lot to lose. But the truth is that most cybercriminals aren’t targeting specific businesses. Cybercriminals are often individual opportunists who will pick on anybody with a slight weakness. And quite often, it’s small businesses who have more weaknesses in their systems than the big firms, simply because smaller companies don’t have the same resources to put to their own defence.
The proof is in the stats. FSB, which campaigns on behalf of small businesses, reckons that small businesses collectively attract more than 10,000 cyberattacks every day. Which is a huge number.
Think of it this way — a burglar will sooner break into a small house that has left a window open on the ground floor than try and break into a penthouse suite with CCTV and on-site security staff offering 24×7 surveillance.
So what are the kinds of threats that you should know about? We can’t cover all of them in a simple blog post, but these are the types every small business should be aware of.
1. Phishing
This is one that’s rocketed during the pandemic, and, according to DCMS, is the most common threat facing small businesses.
Phishing is an attempt by a cybercriminal to trick a person into giving over sensitive information. Most of the time, cybercriminals attempt this kind of trickery via email or text message, claiming to be from a reputable source asking for the recipient to click on a link and enter their login credentials for a service they tend to use. The issue with phishing is that you only need one person within your company to hand over their login credentials for a work system for a cybercriminal to gain access.
2. Malware
Malware is the second-biggest cyber threat to small businesses, comprising viruses, trojan horses, and any malicious kind software that employees often inadvertently install on their work devices or networks. If you have malware, you’ll either find that certain systems stop working or you give cybercriminals a way into your systems so they can snoop on what you’re doing and steal your data.
The key to dealing with malware is to stop it ever happening in the first place, and to spot it quickly if it ever does manage to find its way into your system. Endpoint detection, firewalls and anti-virus software can help with all of this.
3. Ransomware
This one’s a business killer. Ransomware is a bit of software that, like malware, gets inadvertently installed on your systems (usually by an employee), and holds your data to ransom. If you don’t pay up, you can kiss goodbye to your data. But even if you do pay up, you’re still not guaranteed to get your data back. Usually, criminals ask for crippling amounts of money because they know your data is important to you, and every day that you can’t operate as a business is a day that costs you serious money.
Again, endpoint protection, anti-malware technology and data back-up systems can help mitigate the effect of ransomware. If you’re unlucky enough to fall victim to ransomware, endpoint protection and anti-malware can help stop it in its tracks before it takes hold of too much data, and data back-ups can help you restore whatever data you lose.
Andy.