According to Cybersecurity Insiders, 43% of all cyberattacks are aimed at small businesses, costing them an average of $200,000 per attack and subsequently resulting in 60% of the victims to go out of business within 6 months’ time. Knowing what to look out for and how to protect your company is therefore extremely important - especially for small businesses.
Cybersecurity Threats and Trends
Since the beginning of 2020 and the covid-19 pandemic, all types of online fraud have increased, making small businesses extra vulnerable. As the techniques used by cybercriminals are ever evolving and attacks are becoming more difficult to detect, you want to keep up to date with what the newest trends and threats are so that you can effectively protect your business and employees.
A recent article by Cybersecurity Insiders ranked the top cyber threats for small businesses in 2020 and the near future. On the list, we find phishing scams, organized hacking, ransomware and mobile cyberattacks listed as becoming increasingly more common among SMEs.
Phishing scams typically involve an email from an attacker who is pretending to be someone within the company, asking for confidential information or transferring of funds. These emails are often very believable, using the full name of someone within the company (often an executive) and the business logo. As many of us are working from home following the pandemic, where email is the most common point of contact with other employees, businesses are — and will continue to be — extra vulnerable for this type of attack.
According to APWG’s Phishing Activity Trends report, at least 146,994 businesses fell victims to this type of attack at the beginning of 2020 alone.
Organized hacking targeted at small businesses are another threat that is likely to increase in the coming year. This could, for example, involve cybercriminals who use rented botnets to extort money or to steal sensitive customer data, intellectual property, business plans, or other company secrets, to sell to rivals or on the dark web.
An example of such attack is the recent attack against the Swedish company Gunnebo, where information about security measures for the Swedish parliament, drawings of bank vaults, and other sensitive information was stolen by cybercriminals and sold on the dark web. But it’s not only big security corporations that are targeted for this type of attack, small businesses are often seen as “easy targets” where money can be extorted relatively effortlessly.
Ransomware attacks are attacks where hackers gain control over a business account or system and demands a ransom to be paid before giving back access to the company. According to experts, these types of attacks are likely to increase even more over the next coming month, especially targeting small businesses which often doesn’t have adequate security measures in place.
A report by Sophos notes that 51% of organizations have been hit by a ransomware attack within the past year, costing an average of $762,106 per incident to remediate. Another report from insurance provider Coalition notes that losses for a typical claim ranges from $1000 to up to $2,000,000, and that frequency of ransomware among its policyholders has risen 260% in the last year.
Mobile devices often lack up to date firewall protection and is therefore often more vulnerable for attacks compared to computers. With the COVID-19 pandemic, people are increasingly communicating with employees and colleagues over the phone which in turn has resulted in the increase of mobile cyberattacks. One report found that attacks on mobile devices has increased 42% in 2020 compared to the year before and is likely to continue to be a threat to businesses who lack the expertise of how to defend themselves.
Be Proactive and Save Money
Detecting and mitigating cyberattacks before they cause severe damage is a much more cost effective method than having to respond to attacks after they have occurred, even if doing so efficiently. With the use of AI and machine learning, security and threat protection services are increasingly becoming more efficient at detecting potential threats and automating mitigation. Additionally, investing in a Threat Protection Service means you don’t have to be an expert in cybersecurity yourself, and instead, you can focus on what’s important for your business in peace.