Top Cybersecurity Threats To Small Businesses
If you thought only big businesses were vulnerable to hackers and cybersecurity attacks, think again. Because of limited security, more and more hackers are targeting small businesses and succeeding in stealing data and information. Knowing what these threats are is the first step to safeguarding customer data and company assets.
So, what are the top cyber threats to small businesses? Ransomware, middle man attacks, SQL injections, and phishing are the four most immediate security threats to SMBs.
In this article, we break down these top security threats and share best practices on how to make sure malicious code, phishing emails, and malicious software don’t bring down your small business’ defenses.
Are Small Businesses Safe From Cybersecurity Threats?
As a small business, you’d think that your brand is off the hackers’ radar precisely because you’re small. To this day, governments, healthcare institutions, and financial institutions rank as the most targeted industries in the U.S. Banks alone constitute about 19% of the attacks and spend up to $18.5 million resolving data breaches and other cybercrime attacks.
That’s not to say small businesses aren’t being targeted. In Verizon’s 2020 Data Breach Investigations Report, they revealed that 43% of data breach victims are actually small businesses.
These numbers are unheard of because small businesses often don’t report cybersecurity attacks. According to Datto, an industry leader in cybersecurity, less than a quarter of SMBs report ransomware attacks precisely because small business owners think there is a low chance of reacquiring their system or moving forward after a data breach. Not to mention that the cost of retrieving stolen data, paying breach of contract fines, and restoring normal business operations takes incredible resources – a price that most small businesses might not be able to pay.
Thinking your business is too small or too inconsequential to be of interest to hackers is what makes your business vulnerable in the first place.
As long as your business operates with employees, an internet connection, and is in the business of using customer information, you’re liable to cybersecurity threats regardless of your business’ size and industry.
What Makes Small Businesses Vulnerable
Understanding what exactly makes SMBs vulnerable will help you understand how to protect your business better. Here’s why small businesses aren’t safe from cybersecurity attacks.
1) Human Error
Data breaches and other cybersecurity attacks rely on two things: technological and man-made vulnerabilities. Having a topnotch cybersecurity system in place won’t count if your employees don’t have the slightest clue about IT protection.
Email phishing, the practice of using fraudulent emails to send malicious links and web attachments, is still one of the leading causes for data breaches for small businesses. Despite the efforts of IT departments, businesses can still be subjected to phishing attempts precisely because hackers target low-level employees with some form of access to data, and use them as a gateway into the system.
Educating your employees about common tactics and defenses is the best way to protect your team from falling for phishing attempts.
However human error isn’t exclusive to employees. Even admins and business owners can unknowingly compromise company data. Having your customer database, folders, and important files accessible to all employees is an easy way to get hacked, not just by outsiders, but also by employees who could do something with the information available.
Data encryption, password protection, and limiting access to relevant users and employees is key to keeping company protection safe.
2) IoT and Personal Devices
Endpoint devices in your office are protected – now what?
In reality, data protection doesn’t really stop with office devices. If you allow a bring-your-own-device policy to work, keep in mind that your employees are using their laptops and cellphones in public places, connecting to airport WiFi and other unsecured networks.
When a compromised personal device connects to your business network, hackers can feed on cookie crumb information leaking out from their devices, and use those to orchestrate launch more comprehensive attacks against your network.
3) Third-Party Vendors and Apps
Assuming you have proper employee training and a robust cybersecurity system in place, it’s still not enough to keep you protected from all threats. As a business, you’re not just working with your team – you’re enlisting the help of apps, sites, services, and other businesses in order to conduct your business, and even these bigger companies are not invulnerable to hacking.
In 2019, Shopify, the leading eCommerce platform, admitted a flaw in their API system that led to a data leak. Out of the 800,000 accounts tested, over 12,000 were exposed and unknowingly leaked sales data including a monthly breakdown of their revenue dating back to as far as 2015.
Shopify isn’t the first website to fall to vulnerabilities. In that case, users were lucky that the leak was found before there was a malicious attempt to sell user data, which allowed Shopify to patch up the system to better protect merchant info.
In 2012 and 2016, LinkedIn reported data breaches that involved stolen credentials. The hackers were believed to be selling email address and password combinations of about 165 million LinkedIn users for just $2,000 in Bitcoin value.
Having a strong IT defense system pays off because you’re not just protecting your business from attacks that are directed at you, but also threats that may come from other sources.
Top 4 Cybersecurity Threats To Small Business
1) Ransomware
What is it?
Ransomware is a certain kind of malware that locks any device it infects. Devices are locked under encryption, meaning even device owners are unable to unlock their device and access any information. Networks infected by ransomware can then be locked by hackers until they decide to release it, holding the data for ransom. Business owners are forced to choose between losing their data or paying the ransom.
How are small businesses affected?
Ransomware might be the biggest cybersecurity threat for all types of businesses, from small enterprises to medium and large scale enterprises. Thousands of businesses are affected by ransomware every year, as more and more hackers realize this to be an easy form of robbery.
One study from 2018 found that 71% of ransomware attacks were targeted towards small enterprises, and hackers charged an average ransom of $116,000. While large scale enterprises would have more capital, hackers know that small businesses are less likely to protect and back-up their data, making them more susceptible to a successful ransom. Businesses in the healthcare industry are a common target because of the sensitivity of their data.
What are the symptoms?
- A recent history of malicious emails
- Files becoming encrypted
- Computers won’t turn on
- Web browser is locked
- There are missing files
- Files won’t open
How can you protect your business?
Businesses should strongly consider installing reliable Endpoint Protection across all network-connected devices.
2) Middle Man Attacks
What is it?
A middle man attack, also known as a MitM or Man-In-The-Middle-Attack is when a hacker breaks into your network and communication servers and collects sensitive and private data from there. This is a classic form of hacking, with the first cases of MitM attacks dating back to the 80s.
For example, if you have a private telephone call with a client, your vulnerable system might allow a hacker to listen in on the conversation. They can then use this sensitive and private data against you, claiming to leak the information unless you pay up. They can also hunt for any sensitive account information to change your passwords, transfer funds, and more.
How are small businesses affected?
MitM attacks are a type of cyber attack that is generally automated, allowing hackers to send out attacks across a wide range of businesses just to see where they might break in. While most MitM attacks use Wi-Fi or wired networks to break into a business network, they can also use fake cellphone towers to launch their attacks. These are known as stingrays, and these devices are routinely traded on the dark web.
While MitM attacks are not as common as phishing attacks or ransomware, one study found that at least 35% of hacker activity is MitM attacks. Businesses most targeted by these types of attacks include e-commerce sites, SaaS businesses, and financial enterprises.
What are the symptoms?
- Error messages when connecting to networks
- Unexpected and fake software updates
- Wi-Fi networks with similar names
- New public or open Wi-Fi networks
- Browser pop-ups asking for sensitive information
How can you protect your business?
MitM attacks are becoming more sophisticated, making detection increasingly difficult over time. While standard monitoring and detection security software is highly recommended, businesses also need to instill a proactive and disciplined workplace culture of building strong passwords and MitM awareness.
3) SQL Injections
What is it?
SQL stands for “structured query language”, which is a computer program that allows users to search relational databases. Businesses that utilize and record financial information, manufacturing information, or any kind of employee records or database typically use SQL. An SQL injection or SQL attack is a cyber attack in which hackers exploit vulnerabilities in the SQL coding and inject malicious code directly into the business’s database.
With the hacked code in place, hackers can then search the database for any sensitive or private information. Once any valuable data has been identified in the hijacked database, hackers proceed to harvest the data and sell it to interested buyers on the dark web.
How are small businesses affected?
According to a recent report from research firm Ponemon Institute, 65% of surveyed businesses had some experience with an SQL attack in the last year. Nearly half of all data breaches experienced by businesses are a result of SQL injections, despite most organizations not being familiar with this type of attack.
So what kind of information are hackers looking for with SQL injections? Credit card data, passwords, usernames, and PII, or personal identifiable information. One major victim of these attacks is businesses in the healthcare industry, as their databases have private and sensitive medical records. With PII, hackers could send fraudulent bills to Medicare or insurers and make a fortune before any data breach is discovered.
Law firms, real estate agencies, eCommerce companies, and smaller banks are also commonly targeted by SQL injections. Any kind of business or website that might collect Social Security numbers, birthdates, phone numbers, and home addresses are viable targets due to the volume and quality of their stored sensitive information.
What are the symptoms?
- Unusual error rate found in the database
- Database changes not done by anyone on the team
- An unexpected loss of data
- Queries in the database from unknown sources
- Suspicious emails requesting SQL query structure
How can you protect your business?
SQL injections are loved by cybercriminals mostly due to its versatility. It can be done in a variety of ways for a variety of purposes, from stealing customer information to modifying or destroying any proprietary data. Detection can be difficult, even with the latest security software in place.
Protecting your business means having a range of security software in place, including a WAF or a Web Application Firewall and a vulnerability scanner. Any website plugins you use should be chosen carefully, as each plugin on your site is another door that hackers can possibly open to breach your site.
4) Phishing Attacks
What is it?
Phishing attacks are a classic form of hacking, yet thousands of businesses are still breached every year due to phishing methods. A phishing attack consists of an email containing a malicious link or attachment.
The email attempts to convince the recipient to click the link or download the attachment for whatever purpose; once the malicious link is clicked, a malware is automatically downloaded and installed into the recipient’s device.
How are small businesses affected?
We previously discussed everything you need to know about phishing and malicious emails. In short, about a third of data breaches are a result of successful phishing; two-thirds of installed malware is a result of opening malicious links or email attachments. Phishing is a widespread issue that is difficult to protect against, because it requires educated awareness from every member connected to a business network at all times.
As we stated above, small business owners and employees tend to believe their business and personal information might be too small for hackers to target, but this is not the case. Hackers tend to cast a wide net when sending out attacks like phishing emails, meaning as long as your email or contact information is on any kind of business registry, you are a likely recipient of malicious emails.
What are the symptoms?
Symptoms of installed malware on your device depend on the exact type of malware that was downloaded into your system. To tell if an email is a phishing email, look out for the following tells:
- Grammatical errors
- Misspelled words
- Complicated or unusual URLs
- Lack of signature or branding
- Unknown website and sender address
- Strange formatting
- Incorrect punctuation
How can you protect your business?
While it always helps to avoid any emails that might look suspicious, even emails with proper branding, grammar, and punctuation can still be potential malware hosts. Pay attention to the domain, sender name, formatting and body, any strange characters, and the attachments and links of emails from unknown senders.
Protecting your business from phishing is more about education and awareness than security software. In our previous article on the topic, we discussed the best ways to vet every email, including verifying with the sender, hovering over the link, and more.
How To Protect Your Small Business Network
Your business will always be vulnerable to threats regardless of its size. The first step to SMB protection is acknowledging that your business isn’t automatically safe, and that IT protection is necessary in today’s cybersecurity landscape.
As a small business, you don’t need to afford enterprise-level solutions to keep yourself protected. Keeping your small business network secure is achievable as long as you employ base equipment, software, and safety protocols. Knowing the common threats to an SMB’s cyber security, and preparing for those with small business-friendly solutions should keep your business protected from data breaches and other cybersecurity attacks.
