Skip to main content
Updated:
Original:

Cyber attacks double on small businesses

If you think that because you’re a small business, hackers won’t seek your data, consider this: a hacker can steal bank account and/or credit card information from your computer, package it with similar information from a hundred or more other small businesses and sell it on the black market for big bucks.

So says the fifth annual Verizon 2012 Data Breach Investigations Report, authored by Verizon Risk Team leader Christopher Porter. The report was produced in conjunction with the U.S. Secret Service and similar agencies from Australia to the Netherlands. Porter recently told PC World magazine: "Small businesses don't know how defenseless they've become, especially to automated and industrialized attack methodologies by organized crime."

According to security software maker Symantec, the percentage of targeted attacks on small businesses doubled in the first six months of this year. The company says it blocked an average of 58 attacks per day aimed at small businesses. Daily attacks on all businesses averaged 154, up 24 percent. Doing the math, it’s apparent hackers are dedicating more resources to what they see as vulnerable targets.

The attacks are not random, they’re targeted. It means an attack is tailored for a specific business. Hackers use publicly available information or even information stolen from another company such as a supplier. Basically, the attackers create emails with malicious attachments they believe will trick employees into opening. It’s been dubbed “social engineering” and it’s sophisticated. So just warning employees about opening emails with attachments isn’t likely to be much protection anymore.

It’s notable that of all the attacks the report studied, it found that 96 percent were easy for the hacker to achieve. What’s more, 97 percent could have been foiled without the need for difficult or expensive countermeasures. Therefore, the Verizon report offers some simple recommendations:

• Use a firewall on Internet-facing services. Hackers can’t steal what they can’t reach.

• Change default credentials on any point of sale and other systems that come with preset credentials. This could prevent unauthorized access.

• Monitor third-party vendors if they manage your firewalls or point-of-purchase systems to be sure they have implemented proper security.

• Educate your staff, particularly about social phishing. Establish policies and make sure they’re being followed.

• Follow through on any security technology you purchase to be sure you have configured it properly. Do not ignore reports.

• Think often about security. Check logs of your Windows OS system, point-of-purchase system and security software or have a professional do it for you.

Finally, Porter indicated that in most cases, attacks were mostly opportunistic. When a small business follows simple procedures, it is less likely to become a target. Cyber criminals look for the easy marks.

Related

Volvo Penta to Power Offshore Wind Farm Transfer Vessels

The Swedish company will provide quad IPS systems for crew-and-equipment transfer vessels being built by American Offshore Services.

ePropulsion Secures B+ Series Funding

The China-based company will use the investment — equal to tens of millions of U.S. dollars — to advance research and development in e-power technology innovations.

Discover Boating Moves Forward

The joint NMMA and MRAA effort reveals a new logo and its rebranding of the Miami International Boat Show.

The Outdoor Recreation Boom Continues

Bombardier Recreational Products saw revenue jump 28 percent to $4.2 billion for the year, but dipping in its fiscal Q3 due to supply chain constraints.

A Steady Decline

Demand remains strong, but supply-chain logjams continue to weaken boat registration numbers.

Heimensen Named MarineMax Marketing VP

The yacht retailer announced it has promoted its longtime marketing director Abbey Heimensen.

C.G. Foundation Launches GivingTuesday Matching Challenge

The Coast Guard Foundation is launching a matching gift in which Geico Military will triple all donations received by midnight tonight.