A surge in hacking attacks against financial establishments and government organizations have left many business owners perturbed. Although most of the reports on hacking do not cover what is happening in the small-business sector, experts warn that such businesses may have a lot to worry about when it comes to cyber security.
“It is critical for small businesses to secure their systems against cyber attacks,” explains Ryan Berg, managing director of Black and Berg Cyber Defense, specialists in cyber defense and global offensive cyber strategy. Berg says small businesses may be targeted for hacking not only because of the valuable data they hold, but also because their lax cyber defense make them safe launching and concealment sites for more severe cybercriminal activities.
Indeed, recent reports indicate a steady increase in phishing activities, with most targets being small entities and individual consumers conducting transactions online. For example, the number of brands targeted by phishing activities in April 2011 was 30 percent higher than in the same period the previous year. The data collected at the Internet Crime Complaint Center is even more staggering.
While most of it does not explicitly categorize small businesses, the majority of the attacks reported have been those involving small entities, theft of individual data, or data from small groups of individuals. This suggests that small businesses that predominantly use the Internet, such as Internet café owners, tax accountants and travel agencies, may be quite vulnerable. The most vulnerable, however, may be those small businesses that exist entirely in cyberspace, such as online news hubs and money transfer sites.
In spite of the security loopholes and raw data depicting serious cyber-security threats to small businesses, experts lament that most small business owners are still not taking adequate measures to secure themselves and their customers. “Most small business owners do not seem to be fully aware of the threat they are exposed to,” says Berg, whose company tries to reach out to small businesses to sensitize them on cyber security issues.
He adds that the main challenges for cyber security experts who reach out to small businesses are reluctance on the part of the business owners to commit to a security strategy and the overwhelming concern for privacy.
Marvin Briner, whose Internet café businesses has survived the tumultuous economy so far, sees small businesses as less of a target for hackers than large companies, but agrees that small businesses in general should take stronger cyber-protection measures. Installing firewalls and antivirus software simply may not be enough, he says.