Are Small and Medium-Sized Businesses (SMBs) too vulnerable to hacking?

When most people think of hacking and cybersecurity, they think of the 2016 election, the Yahoo Email Cyber Attack, or even the Home Depot and Target Credit Card Breaches. Sadly, these large-scale, highly publicized attacks give SMB’s a false sense of security, when none exists.

SMBs were the target of sixty percent of all online attacks in 2014.Travelers

The truth is that according to Travelers, SMBs were the target of sixty percent of all online attacks in 2014. That is a staggering statistic especially when the majority of SMB’s will justify their lack on spend on cybersecurity with the perceived notion that hackers are not interested in a company their size.

What SMB’s don’t realize is that they are attractive to cyber criminal simply because of their lack of spend on cybersecurity. They are easier to hack, and therefore, hackers can more quickly hack thousands SMB’s for the same cost of one Target, Home Depot, or Yahoo.

This is especially the case with ransomware attacks. The hackers responsible for ransomware seldom target their victims. In fact, ransomware is usually a crime of opportunity.

When someone accidentally stumbles upon an infected website or opens an infected email, the virus simply begins encrypting every file it can access. When it is done, it informs its victim of the ransom.

Why?

Because it works.

Hackers know they are more likely to profit from a ransomware attack than from stealing credit card numbers which are much harder to monetize.

Truthfully, Antivirus software is installed on most systems that are infected with ransomware. At least, that has been the case for this IT Professional that has seen the proliferation of ransomware attacks over the last seven years.

There is no magic pill. New variants of ransomware are detected daily, and all of these variants are tested against major antivirus solutions to ensure that they can run undetected.

While no solution is foolproof, SMB’s can take a high level of assurance in a security solution that is comprised of multiple security controls, each addressing a different vulnerability. Cisco refers to this concept as “defense in depth.”

There is no one-size-fits-all solution for SMB’s, but an IT security professional that specializes in SMB’s could help engineer a solution that won’t break the bank.