You may assume that as a small business, you don’t have to worry much about cybercriminals being interested in your data. Unfortunately, statistically speaking, small business has a lot to worry about.

Here are a few sobering numbers to consider from Small Business Trends:

  • 43% of cyber attacks target small business.
  • 60% of small companies go out of business within 6 months of a cyber attack.
  • 55% of respondents said they had experienced a cyber attack.

We don’t mean to scare you, but to alert you.

Cyber threats pose a very real danger to small business, but once you are aware of what they are up to, you can take measures to protect your customer data, your records, and your company.

Cyber Threats You Need To Watch For

Now that you know that cyber threats are real, what do you need to be looking out for? Here are the top cyber threats to small business which were prevalent in 2018.

  • Ransomware is a type of malicious software which threatens to either publish the victim’s data or perpetually block access to it. As the name suggests, the perpetrators offer to remove these threats if a ransom is paid. Although some ransomware attacks are large scale – like WannaCry, which affected companies and healthcare organizations around the world – many recorded attacks are against school boards, municipalities, and small business. The solution is having a physical back up as well as a reliable cloud solution so that you do not have to pay for the return of your data.
  • Your smartphone is currently the default device used to provide secondary verification login to important accounts. Up until recently, only banks verified you via your cell phone, but now virtually every app requires this type of verification- from your email to your customer databases. Unfortunately, this means losing control of your smartphone is akin to losing your wallet a few years ago – everything of importance is in one place. If your smartphone is more than a year old, it likely doesn’t provide the latest in security updates. Therefore, do not store any secure data or passwords on your phone until you can retire it and get current technology.
  • Security scams are everywhere these days, and they have gotten more sophisticated. You’ve likely seen the pop-ups which announce that you have been infected with a horrible virus, and you must click through to download software to clean your device. The messages look official, are persistent, and make all but the most seasoned of employees very nervous. But it is imperative to train your employees to never click that warning, or the only virus they will be dealing with, is the one they let in. If you ever have any questions as to if a warning message is real, check.  on the internet. Most likely, thousands of others are receiving the same message and asking about it.
  • Phishing attacks are sent via email and look as if they came from a trusted source, such as your own bank. The email asks the recipient to verify personal information by clicking on a link. Phishing emails have gotten much more sophisticated in recent years, making it difficult for some people to discern a legitimate request for information from a false one. The site that you are directed to is a dummy site that looks nearly identical to the real site you are used to dealing with, but it is there only to steal your information. Know that most companies (if not all) will not solicit personal information via email, nor will they ask you to verify your password or to re-enter your social security number. If you unsure, call the institution to verify whether or not they sent the email, but remember – never use the phone number on the suspect email. Look the phone number up independently.
  • A password attack involves a third party trying to gain access to your systems by cracking a user’s password. As cyber threats go this is least intrusive, at least until they are successful in breaching your system. The software the hackers use is typically run on their own system and does not involve malicious code being released into yours. Still, once they break down a door via a cracked password, they are into all of your data. The only true way to guard against password attacks is to have a policy of utilizing strong passwords, generally a combination of upper and lower case letters, symbols and numbers and consisting of at least eight characters. Make it a company policy that everyone changes their passwords on a regular basis, in order to lock out a criminal who may have cracked an old password.

Did You Know? An attacker, using a password cracking program, can typically unlock a password comprised of all lowercase letters in a matter of minutes. Read more about password protecting your data.

Conclusion

Technology has made our lives so much better in so many ways, but along with the innovation came cyber threats. The IT professionals at Alliance IT are experts at helping you set up a secure, redundant network which can protect your business, your employees, your clients, and your livelihood. Give us a call today.