Cyber crime is on the rise and small businesses are increasingly becoming the target of hackers.
New data from Symantec’s 2016 Internet Security Threat Report shows that small businesses have become a big target for phishers. Last year, phishing campaigns targeted small businesses (PDF) 43 percent of the time. That’s up 9 percent over 2014 and a stark contrast to the mere 18 percent of attacks that focused on small businesses in 2011.
Cyber Attacks Target Small Business
Symantec’s report shows that about 1 in 40 small businesses are at risk of being the victim of a cyber crime. That pales in comparison to the 1 in about 2 large businesses which are targeted every year — multiple times — with a cyber attack.
Still, the report indicates that hackers are indiscriminately choosing their victims. It’s not a matter of who they’re targeting but what they’re targeting … your money.
These phishing attacks target employees largely responsible for the finances of a small business. Malicious email messages sent to these employees that are opened could hijack an entire company’s financial information and gain access to funds and personal information.
Furthermore, Symantec also notes in its Internet Security Threat Report that ransomware attacks are also on the rise and targeting not only employees but any devices connected to a company’s hacked network. Symantec says it has instances on the record in 2015 of attacks on the Internet of Things, too. That includes attacks on smartphones, smart watches, and a smart television. In these attacks, there is a demand for some type of payment before a device may be freed by its attacker.
Digging a little deeper into the data from Symantec’s report reveals a 55 percent increase from 2014 to 2015 in the amount of spear-phishing campaigns that target employees of a business of any size. Symantec classifies small businesses as any with up to 250 employees.
Small Businesses Need To Prepare for Cyber Attacks
So, what should small business owners do with this information? Be prepared is the simple advice.
It’s clear that hackers will continue to target small businesses with phishing attacks. And since these attacks are targeting employees mostly, implementing a proper training and informational program on phishing schemes within your company is prudent. This type of training will hopefully help reduce the likelihood that an employee of yours will open a suspicious email by helping to better identify one.
Since cyber attacks target small business, it’s more likely your small business will become the target or victim of a phishing attack. Develop a plan for dealing with such a situation. Consult with your IT team or an IT expert on a comprehensive plan for mitigating the impact of a phishing or other cyber attack against your company.
Finally, with the rise in attacks on devices connected to your company’s network, it’s best to limit the amount of those devices — employee smartphones and other IoT devices — you allow on it.
Chart: Small Business Trends
More in: Chart of the Week, Cybersecurity