Here’s an alarming statistic for Small Business owners: 65% of cyber-attacks are aimed at small to medium businesses.
If you’re a small business owner, you’re aware that your company might be vulnerable to attacks by hackers. Even if they haven’t found a way to break into your system yet, you can be sure someone is trying to find a way to steal your precious data. Hackers enjoy a challenge, to a point. If they can’t crack your system the first time, it’s more than likely that they’ll keep trying.
If they can’t get in they’ll eventually go away, but that doesn’t mean they won’t be back.
There is a good chance a hacker is watching your business right now. And a chance someone has already breached your security. According to one study, it takes an average of six months for businesses to realize that they have been, or are being, hacked. It then takes up to 55 days to confront and suppress the attack. By then it’s too late: the damage has been done.
But why do hackers target small businesses? Some of the reasons are obvious, and some may surprise you. Here is a list of 6 reasons why Small Businesses get hacked:
- Under the Radar
Not every hacker wants to be famous. Most don’t care about getting their conquests splashed all over the news. Many hackers attack small to medium businesses because those groups are less likely to report security breaches. The first reason for not reporting the breach is that the damage to their reputation can be much more expensive than the temporary loss of revenue, or the price of the ransom they’ll pay to retrieve their data. The second reason attacks go unreported is because law enforcement agencies are not cybersecurity experts.
- Complacency
Businesses go through cycles; some good, some bad, but hopefully at the end of the day those cycles will all lead to company growth. While planning budgets, new hires, and equipment purchases for growth, frequently the security updates and back-up (BDR) hardware needed to protect that growth will fall through the cracks. Your old security software probably won’t be good enough to take you safely into the future. Sure, it got you where you are, but don’t rely on it just because it’s been “good enough” up to now.
- Smaller budget for Security
It’s no secret that occasionally, especially during growth phases, budgets get shifted around, and what was allocated for security last year may not be in the budget this year. An alarming 90% of small businesses admit to operating occasionally with no security system in place at all. No virus protection, no firewalls, no spam filters, and no back-up systems. The scary part is that the remaining 10% probably just didn't want to admit it.
- Lack of proper employee training
Here’s an alarming statistic for you: up to 95% of ALL cybersecurity breaches that hit small businesses are due to human error. You try to stay on top of cybersecurity training for your staff, but people come and go all the time and training is bound to get put on the back burner. Sometimes breaches happen because simple procedures aren’t followed correctly. Password hygiene is a basic skill everyone should know; things like how to create a password, and why you should never write down your password and leave it posted to your computer. Not opening attachments to emails is also important, since over 92% of all malware is delivered via email.
- Usually quicker to pay the ransom
One study has shown that 53% of small businesses will pay the ransom to hackers upon contact with them. This is related to our first topic, "Under the Radar," since the reasoning behind paying quickly should mean you'll experience a shorter downtime. Paying the ransom is still no guarantee that you’ll get your data back. After all, these are criminals you’re dealing with. Plus, when you pay a hacker, you only encourage them to continue attacking businesses like yours.
- You’ve been hacked before
Hackers are like sharks: they can smell blood in the water from miles away. Once the word gets out that you've been hacked, and that you've paid the ransom, you'll have hackers lined up around the block. Like a lot of criminals, hackers are looking for the path of least resistance. Once they hear you’re an easy target you’d better prepare yourself for all kinds of cyberattacks.
It takes work to develop a comprehensive cybersecurity strategy, train your employees on what to look out for, and maintain regular data backups, but all these things and more are necessary in today's cyber landscape. Almost every day there are news stories about companies getting hacked, corporations paying millions in ransom, and small businesses closing because of hacks. Companies like Apple, Amazon, Target, and Facebook can afford the best security available, yet they still get hacked. Make cybersecurity a priority for your business and you’ll increase your chances of staying off a hacker’s watchlist.