Anyone who has been paying even the slightest bit of attention knows that financial cyber- attacks against all types of companies, organizations and governments have increased dramatically. The attacks have included stealing data to sell, high jacking the information system and holding it for ransom, or taking money.
Any business can be vulnerable and the attacks have hit companies of all sizes. However, there’s been a significant increase in the attacks on small businesses (SMB). The Internet now makes it possible for an Eastern European crime syndicate to hit an Akron contractor.
Cyber thieves have become more sophisticated and organized. They’ve realized that SMBs are low hanging fruit and are targeting them more often. Small companies don’t have security or IT departments and they seldom have any policies or procedures in place to deter online, or offline, theft.
SMB owners are notorious for not paying attention to the financial health of their companies. They often leave “all that stuff” up to an accountant or bookkeeper. They don’t pay attention to, understand or have any checks and balances in place for financial matters. This leaves them wide open to external (and internal) larceny.
Cyber criminals are taking advantage of this lack of management oversight – SMBs are becoming their objective of choice. They’ve discovered that the way into larger companies is through their SMB partners or vendors, who are much easier to hack. It’s believed the 2013 Target breach, of 70 million customers, was made possible through accessing a HV/AC contractor’s system.
Therefore, SMBs are high yield for cyber-attacks. It’s simple to gain access and siphon money, with the added bonus of having easy access to larger companies up the chain. But, it doesn’t matter if your business is the intended victim or collateral damage, either way you lose.
It has been estimated that half of the small businesses who are cyber attacked close within six months.[1] They simply can’t afford the loss. It’s unfortunate, because a conscientious owner – with a little discipline and some common sense procedures – can prevent or minimize the possibility of a successful attack.
Next month we’ll go over some steps you can take to protect your company with Part 2 of Financial Cyber-Attacks – A Growing Management Problem.
[1] Testimony of Dr. Jane LeClair, Chief Operating Officer, National Cybersecurity Institute at Excelsior College, before the U.S. House of Representatives Committee on Small Business (Apr. 22, 2015), http://docs.house.gov/meetings/SM/SM00/20150422/103276/HHRG-114-SM00-20150422-SD003-U4.pdf
