As managed IT service providers, we often get asked if it’s worth investing in IT security as a small or medium-sized business – after all, don’t hackers target banks, healthcare organisations and big businesses like eBay, PlayStation, Facebook and Garmin? While these are the attacks that make news headlines, smaller business are more frequent targets of attacks. Here’s why these criminals are focussed on SMMEs.
Cyberattacks on Small Businesses in Australia
According to government reports, cybercrime costs the Australian economy over AU$1 billion each year – and small businesses account for a massive 43% of the businesses targeted. In fact, surveys show that out of 1,000 small businesses who participated in the 2019 survey, 78% had been targeted by cyberattacks in the last 12 months. And it’s a problem that is on the rise, with a 424% increase in cyberattacks on businesses from 2017-2018.
What Makes Small Businesses Vulnerable?
While the payoffs from targeting a big organisation may seem like a real draw for cyber criminals, the fact is that most of these organisations have the resources to create robust protections around their data and IT network. Even if a breach occurs, these organisations can usually shut it down quickly without suffering too much damage. It simply makes more sense to go for softer targets – which small businesses are for a number of reasons:
- They are less likely to have state-of-the-art IT security solutions in place
- Many small businesses don’t have on-site expertise to train employees about safe computer behaviour
- Many small businesses (33% in Australia) have no proactive measures in place to prevent cyberattacks
- As many as 87% of small businesses believe they are safe from cyberattacks because they use antivirus software as their sole protection
What Are Cybercriminals After?
Many small businesses also believe they aren’t targets because they don’t have anything of value for cyber criminals, but it’s not true. Here are some ways hackers have attacked and often ruined SMEs:
- Extortion – Using ransomware, cybercriminals will lock you out of your computer system completely, effectively paralysing your business. You then have to pay a large fee to get access back. This is the only way to restore your system, as trying to break the encryption is incredibly difficult and expensive to do. If you have a recent backup as part of your disaster recovery policy, you may be able to restore an almost up-to-date version – however, many businesses don’t have this in place.
- Personal and Financial Customer Information – Your customer records are another target, allowing cyber criminals access to private, personal information like names, dates of birth, addresses, credit card and financial information that can all be used to commit fraud or sold on to other parties who will use it to commit fraud. It is essential to your business that your customers can trust you with their personal information, making data security critical.
- Private and Financial Business Information – Cyber criminals can also target your business’s data itself, posing as trusted vendors, launching sophisticated phishing attacks and more to get hold of critical information. Attacks like these are difficult to spot and easy to fall for, and business bank accounts can be drained in minutes as a result. They may also target your vendors, partners and suppliers the same way using information they get from your network.
The reality is that while big businesses do get their share of cyberattacks, they can often recover from these attacks with minimal damage. For a small business, the financial loss, loss of business and loss of consumer trust can be devastating. In fact, 22% of small businesses in Australia that suffered ransomware cyberattacks in 2017 were forced to close their doors.
How to Protect Your Small Business
In order to protect your small business from cyberattacks, it is important to find the right managed IT services provider. They will be able to design, implement and manage an IT solution within your budget, so you don’t have to expend essential capital on non-core business resources.
At Milan Industries, our focus is on providing cost-effective, state-of-the-art IT services and solutions specifically for small businesses, from IT support and cloud solutions to network security and disaster recovery. Contact us and find out how we can help prevent your business from becoming a statistic.