While the news has stories about cyberattacks against governmental agencies and massive corporations, the often silent truth about cyber security threats is that small to medium-sized businesses have the most to lose. According to the Small Business Innovation Research (SBIR) program, 50 percent of SMBs have been the victim of a cyber attack, and 60 percent go out of business after a cyber attack. Here is a look at some of the most common cyber security threats that face SMBs.
While many SMB owners enjoy a bit of fishing on the weekends, phishing is something to avoid. Phishing occurs when scammers send an email, text, or social media post that appears to be from a legitimate business. When the recipient or reader clicks on a link or downloads a file, their system can be compromised by a virus. The scammers can also steal their personal information.
The SBIR notes that small businesses are particularly vulnerable to emails that look like they're from banks or other institutions. The emails state that the recipient must log in to an account or provide personal information. Unfortunately, commercial business accounts do not have the same protections as private consumers. This means that when scammers access their bank accounts during a phishing scam, they don't have the same guarantees against financial loss.
Ransomware is often delivered by way of phishing. It is malicious software that, once downloaded on a computer, can block the user's access to their files by encrypting those files. Often, those responsible for the ransomware attack require a sum of money from the organization to regain access to their computer.
3. Weak Passwords
Do you tend to use the same passwords over and over again so that you can remember them? Many people and companies do this. However, having weak passwords makes it easier for bad actors to guess, giving them access to your company files or even the personal information of your customers.
4. "Drive-by Downloads"
The term "drive-by" has several implications that are mostly negative, and this is true with downloads too. Drive-by downloads are malicious programs that are installed onto your computer or mobile device without your consent, and without you clicking on any link. This can occur when you visit a website, and these drive-bys can even appear on legitimate websites.
5. Watering Holes
Watering holes are legitimate websites that have been taken over by bad actors. Also, these websites are often the source of drive-by downloads. The sites of third-party vendors are a common source of security issues related to viruses and ransomware that target SMBs.
6. Insider Threats
Ever had an employee who left the business angry? How about an employee who seemed a little too interested in gaining access to business information that wasn't necessary for them to have in their position? Maybe you have someone on your team who can't keep track of their phone or files. These are common issues for SMBs. Unfortunately, they're also common insider threats. Employees have access to a tremendous amount of information. This includes passwords that can access organizational files, customer details, and even the bank account.
Learn More About Safeguarding Your Business From Cyber Security Threats
Cybersecurity matters can be complicated! If you'd like to better understand the risks your small business faces and how to safeguard yourself, check out our blog post about the questions your team should consider. You can also use our convenient tool to conduct a cybersecurity assessment and find out where your website is most vulnerable.