Did I ever mention that hackers love small businesses? And the relationship isn't a passing, torrid affair. No. When it comes to breaching the cybersecurity systems of small businesses, hackers are in it for the long haul.
Let's start off with some context. There are 28.2 million small businesses in America and 71 percent of cybersecurity breaches occur in businesses with less than 100 employees. If that doesn't scare you, maybe the fact that Joseph Demarest, Assistant Director of the FBI's Cyber Division, believes 90% of businesses could be the next Sony should. Demarest's statistics isn't for small businesses, it's for allbusinesses.
It should come as no surprise that hackers are more likely to hit the less-protected businesses than enterprise level businesses. But why? I present to you the five reasons hackers love small businesses. (I welcome additional reasons in the comments section.)
1. A Lack of Security Systems
The most basic reason hackers love small businesses is the lack of cybersecurity systems they employ. In fact, RelayDNA's research indicates that 98.3% of small businesses have inadequate or no cybersecurity system in place. Frankly, that statistic errs on the side of being favorable to small business. Without a cybersecurity system, a company is easy pickings for even the most unskilled of hackers... or anybody that takes the time to download one of many, free hacking utilities online or over a P2P network.
2. Limited or No Ability to React
Most enterprise level businesses have the ability to react to cybersecurity breaches in real-time. When an attack or breach occurs, monitoring systems alert IT personnel, and mitigation techniques are employed. But your neighborhood bakery or auto garage cannot afford a reactive, enterprise level security team. Even if they could, reacting to a breach is a whole other ballgame. Security must be hardened, criminal acts must be thwarted before they occur, and client accounts must be secured. It all comes down to resources, and the resources of most small businesses is severely limited.
3. Slow Response Time
Most enterprise level businesses are blissfully unaware when and where their sensitive data has been breached and placed for sale on the black market. Even with security systems in place, the average time to detect a security breach is 156 days. (That is where RelayDNA comes in, but I digress.) Imagine how much worse the problem is in small business. 300 days? 500 days? Wrong. Most small businesses never detect a security breach occurred. It's a scary thought for the customer and even more scary for the business owner. Imagine all of your client's information being leaked to a thousand criminals in who-knows-where-a-stan tomorrow morning. This is the security environment all businesses face and it's not only here to stay, it's getting worse.
4. Predictive Service Usage
Do you know which firewall Wal-mart is running, which range of IP addresses is blocked from their servers, or how the wrath of Thor (I prefer the Chris Hemsworth version of Thor over the classical version, much more mayhem involved. Opinions may vary.) will fall upon you if you attempted a basic SQL injection on Wal-mart's database? Frankly, I do not because I have limited knowledge of the services that Wal-mart employs. But I can guess with a high degree of accuracy that my local photographer uses PayPal, the local car dealer uses QuickBooks, my neighborhood attorney uses Dwolla, and the pawn shop uses eBay. Guess what else I can do?Purposely seek their information from any one of these services or by breaching their computers through their wireless network. When I obtain the information, I can then make fraudulent transactions on their accounts that matches a predictable pattern for their type of business and sends no red flags to the respective service used. This is where the lack of complexity in many small businesses (sorry, but the fact that you have more than one department does not make you "complex") rears its ugly head.
5. Extortion Victim, Thy Name is Small Business Owner
Hackers love extortion more than you love your grandma's homemade cookies, this is a fact. I asked your grandmother and she confirmed. When some small business owners are threatened with extortion, they actually give in to the hacker's demands. Because the honor of most unethical hackers is worth about that of a used vacuum salesmen, hackers take advantage of the small business owner's susceptibility to negotiate with them.
So, anyway, I was saying...
When it comes down to it, your small business should actively work to harden its security and team with organizations with high level security teams. Don't use that obscure payment processor to save a few cents on a transaction or the questionable vendor because your cousin knows a guy who knows a guy. Turn to reputable companies with a track record of security.
About the Author: Lucas is a self confessed tech renegade, marketing whiz kid and law student. You can follow more of his musings here
You can’t go past a news paper, radio show or television news story these days without being flooded by all things Bitcoin or Crypto Currency. Some say it’s the new world of money while others suggest its all just a passing fad. Whatever your position or preference of...
This week I announced a suite of measures for the Government to consider when it comes to small and medium sized business and what we can all be doing as we start to look at emerging from the COVID19 lockdown. The reality is that a good number of small business owners,...
As someone who has been working in suicide prevention for some years now i know that often having a simple conversation can make all of the difference when a loved one is doing it tough. COVID 19 and the lock down tends to amplify how we feel when we are isolation or a...
We know that mob out there are uncertain as to what the COVID-19 / Corona Virus means for them – this can cause us all to panic and some in community more so that others. Panic attacks can compound the situation so we gather some information about what you can do now t...
Don’t forget our elders can suffer in silence too: suicide prevention
Many people think that mental health and suicide are not topics that impact our elders but they could not be more wrong. The data tells us there continues to be an emerging trend when it comes to peop...