The number of complaints received by the Internet Crime Complaint Center (IC3) in 2018 was 351,937. This marks a 16% increase from 2017, double that of the 8% increase in reports between 2016 and 2017. As reported crimes continue to rise, the threat to businesses from cyber criminals becomes increasingly present. The overall cost to Americans from cyber crime in 2018 almost doubled 2017’s figures, increasing from $1.4bn to $2.7bn. Cybersecurity is an essential part of any business and business leaders must wake up to this reality before it’s too late.
Though more data breach stories hit the news than ever last year, with Google and Amazon’s home assistants coming under fire, the continuing Cambridge Analytica scandal and Facebook leading the way with several major leaks, cyber crime stands to affect small businesses much more than corporations. The average cost of a cyber-attack to small businesses stands at around $200,000, which could be business-ending money for a small enterprise. When 43% of cyber-attacks are aimed at SMEs but only 14% are adequately prepared, many business owners are likely unaware of the vulnerable position they leave their company in.
The 2018 IC3 report highlights a number of prominent cybercrimes which disproportionately affect businesses. These included business email compromise, payroll diversion, extortion and personal data breaches. These crimes highlight how cyber security is everybody’s responsibility in an organisation and the many strategies cyber criminals can employ to gain access to your network.
Also read – Interesting Cyber security Trends
Business email compromise
One of the most common forms of phishing, business email compromise involves hacking or faking the emails of a member of the business in order to manipulate other employees into handing over sensitive information or authorizing bogus fund transfers. Phishing emails directly target employees and use social engineering strategies like emphasizing urgency, importance or threat to increase pressure on the recipient. The best way to reduce the threat from this kind of crime is to ensure all members of the company have cyber security training and are made aware of the importance of double-checking important requests.
Must read – Best Cyber Security Habits – You Must Practice
Cyber criminals also sometimes use phishing emails to convince employees to hand over their own login information, using this to then change their payroll details and divert their payments to an account controlled by the criminal. The IC3 received 100 complaints of payroll diversion in 2018 which cost businesses $100m.
Emphasizing the need for security at all times and not sharing account information with anyone else at the business is vital to avoid this type of crime. Establishing robust processes for changing payment details can also help avoid this issue should a criminal access login details.
Also read – What is the significance of SSL Certificate?
Extortion affects victims both at home and at work but some strategies which mainly target businesses include Denial of Service attacks and ransomware. Falling prey to ransomware can be mitigated by ensuring all sensitive data held online is backed up on a completely separate server so that in the event of information being held at ransom, the company is able to recover most of the data without having to pay out.
Denial of Service attacks involve flooding the company’s server or specific machines with requests and traffic to make them crash and become completely unusable. Many internet service providers have extra provisions to distribute this harmful traffic across their network, allowing your machines to remain unaffected. DoS attacks can result in huge dents to productivity and the loss of data from affected machines so ensuring precautions are taken ensures your business can continue operating efficiently.
Also read – New Cyber-Security Threat is “Brainjacking”
Personal data breaches
Data breaches are one of the most common cybercrimes happening today. The number of data breaches reported has increased by 150% in the last four years as companies and consumers become more aware of the threat to our personal details online. With many major companies being responsible for millions of compromised records, it’s common to think that this kind of issue doesn’t affect smaller companies. However, records are leaked from smaller companies all the time without being reported by the media and the fallout from a data breach can be drastic.
In addition to the cost of the damage, companies can face insurance claims, a loss of reputation and a loss of revenue from a data breach which has a much bigger impact the smaller the business. The only way to reduce the damage of a data breach is to ensure the business is using sophisticated cyber security software and strategies and to have cyber insurance which can cover consumer claims should a breach occur.
Also read – Network security v/s Cyber Security
The cyber landscape for all businesses continues to become more treacherous as criminals find new and complicated ways to hack and manipulate employees and networks. The bare minimum cyber security measures will not work forever and small business owners should seriously consider the cost of a hack over the cost of pre-emptive protection.
Author Bio: This article was written by Damon Culbert from Cybersecurity Professionals, cyber security jobsite worldwide.