My email was recently compromised by someone who graciously offered to unlock things for a “easy” fee. After I flashed them the internationally recognized hand gesture they deserved, it brought into focus the need for dealers to recognize that a system hack is a genuine threat to their businesses.
If your dealership hasn’t been victimized by some Internet criminal, consider yourself fortunate. There’s plenty of evidence that cyber attacks are continuing to rise. Of course, we hear about big-name hacks — for example, the city of Baltimore. Last summer, hackers froze thousands of city computers and demanded $76,000 in bitcoin as ransom. The city did not pay. In the end, the attack cost Baltimore $18 million and impacted many systems, including disrupting employee email, halting water billing, suspending real estate transactions and more.
The fact that the big guys get the nightly media coverage can lull small businesses into thinking cyber crime isn’t their concern. Reports indicate that small businesses are easier and potentially more lucrative targets because major businesses can spend heavily on cyber security to make a hack more difficult. Small businesses are now the low-hanging fruit.
The financial toll has also dramatically increased, according to research from the Center for Forensic Accounting at Florida Atlantic University. Known financial losses from cyber attacks rose 88 percent, from $95 million in 2015 to $178 million in 2018. Moreover, the losses for individual victims rose from less than $5,000 per incident to more than $7,200. And that study only reviewed cases reported to the FBI — a fraction of all Internet crimes.
Scammers are continuously finding new ways to breach businesses, governments and even an average guy like me. The Securities and Exchange Commission warns about such problems for small and midsize businesses. A Harris Poll study conducted for Nationwide Insurance revealed that 63 percent of small-business owners said they had been victims of at least one of the following:
- computer virus (44 percent)
- phishing (30 percent)
- Trojan horse (22 percent)
- hacking (16 percent)
- data breach (11 percent)
- issues because of unpatched software (10 percent)
- unauthorized access to customer information (9 percent)
- unauthorized access to company information (8 percent)
Let’s face it. Keeping your head in the sand can mean cost and trouble ahead. In another survey, 40 percent of respondents didn’t think they would suffer such an attack. Really? The constantly shifting cyber landscape leaves small businesses increasingly confronted by changing threats.
Take ransomware, for example. With this breach, the cybercriminal encrypts a firm’s files and demands a ransom payment to release them. The number of such attacks reportedly is huge, with ransomware programs now known to target more than 230 types of computer files. Then, of course, there’s the inevitable cost.
According to the National Small Business Association, the cost of the average attack is up 140 percent, from $8,699 in 2013 to $20,752 in 2018. It was even more costly for firms whose bank accounts were hacked, up nearly 187 percent. Moreover, the survey found that small businesses victimized once were more likely to be targeted again.
If you’ve yet to take the threat seriously, here are four basic actions to consider:
- Know exactly who has access to your data and/or network and reduce that number to an absolute minimum. Also, know what information is being shared with any outside suppliers that could make you vulnerable through them. It’s fair to ask for details about their cyber security provisions. In addition, know what hardware is leaving your dealership, such as laptops and USB sticks, and why.
- Employees must be educated. Discuss and test commonly used social media tactics, such as fraudulent computer offers and links. Take care if you use an online computing service because your information can be compromised by their systems. Set social network profiles to private and check security settings. And always be mindful of the information you post online.
- Strengthen passwords regularly. Evaluate the feasibility of encrypting your most sensitive data, making a backup and storing it in a fireproof safe or off-site. Use a dedicated computer for the most sensitive information. Secure your Wi-Fi networks to prevent hackers from accessing servers. Install and update spyware, anti-virus and anti-malware software. Activate your network firewall to block connections used to hack into your system and deliver viruses, and set employee-permission levels for downloads.
- Recognize that there may be a liability for you in the event of a cyber security failure, which has led to insurance coverage for losses in case of a breach or fraud. Perhaps your insurance agent may help assess your cyber security risks. And be very attentive to any security software updates because cybercrime is a real threat to any dealership.