Small Business Cybersecurity: Protecting Your Business from Devastating Threats

Posted September 26, 2023

Small and mid-sized businesses are increasingly becoming targets of cyber attacks, and the consequences can be devastating. In fact, according to the US National Cyber Security Alliance, 60% of small businesses that suffer a cyber attack go out of business within the next six months. This highlights the urgent need for small and mid-sized business executives to take cybersecurity seriously and take steps to protect their businesses from threats. In this article, we’ll explore some real-life examples of cyber attacks on small businesses and common methods of attack, as well as provide tips for protecting your business from cyber threats.

Here are some real-life examples of cyber attacks on small businesses:

Green Ford Sales, a car dealership in Kansas, lost $23,000 when hackers broke into their network and swiped bank account info. They added nine fake employees to the payroll and paid them for several weeks before the dealership discovered the fraud.
Wright Hotels, a real estate development firm, lost $1 million from their bank account after thieves gained access to a company email account. The thieves were able to impersonate the owner and convince the bookkeeper to wire money to an account in China.
Maine-based PATCO Construction lost $588,000 in a Trojan horse cyber-heist. Although they managed to reclaim some of the money, they were still hit with additional interest and overdraft charges from their bank due to the loss of funds.
According to AAG, a case study covering the US, Canada, UK, Australia, and New Zealand found that 76% of respondents reported their organization had suffered at least one cyber attack in 2023. This is a significant increase from the 55% figure reported in 2020.

These examples illustrate the real and significant impact that cyber attacks can have on small businesses. It is crucial for small and mid-sized business executives to take cybersecurity seriously and take steps to protect their businesses from these threats.

Hackers can gain access to small businesses’ networks in a variety of ways. Here are some common methods:

Social engineering: Hackers use social engineering tactics, such as phishing emails, to trick employees into giving up sensitive information or clicking on malicious links.
Weak passwords: Passwords that are easy to guess or crack can provide hackers with easy access to a business’s network. It is important for small businesses to enforce strong password policies and educate employees on password best practices.
Malware: Malware can be introduced to a business’s network through a variety of means, such as downloading infected files or visiting malicious websites. Small businesses should ensure that all software is up-to-date and that employees are trained to recognize and avoid potential malware threats.
Vulnerable security frameworks: Hackers can exploit vulnerabilities in a business’s security framework to gain access to their network. Small businesses should regularly assess their security framework and make necessary updates to ensure that their network is secure.
Public-facing applications: Anything internet-facing can be a threat if not properly patched and updated. A poorly secured website or database can be the launchpad for an exploit.
External remote services: Theft of valid accounts is often combined with remote corporate services like VPNs or other access mechanisms. This allows attackers to infiltrate and persist on a network.
Scanning networks for vulnerabilities and exploitation: Hackers may scan a business’s network to find vulnerabilities and exploit them to gain access. Small businesses should regularly scan their networks for vulnerabilities and take necessary steps to address them.

By understanding these common methods of attack, small and mid-sized business executives can take steps to protect their businesses from cyber threats. This includes implementing strong password policies, training employees on cybersecurity best practices, and regularly assessing and updating their security framework.

Kyle Vinar

Kyle Vinar is Partner / President of Verus Corporation. He oversees all business operations and coaches Verus teams to continually improve on their solutions from client experience to product development and overall solution implementation. He works with all Verus resources to increase efficiencies and excellence in every aspect of their organizational roles. Kyle believes that people are the last real competitive edge that a company can have and constructing a rich culture is a vital step in running a world-class organization. Therefore he strives to create a culture within Verus that allows everyone to show up authentically and grow both personally and professionally, which in turn allows Verus Corp team members to provide clients with top-of-the-line service. Kyle helps balance strategy, capacity, and culture in such a way that has allowed Verus Corp to achieve exponential growth since he joined the company in 2013. One of Kyle’s greatest professional achievements has been in helping lay the foundation upon which Verus Corporation could be named the 2nd Best Place to Work by the Minneapolis/St. Paul Business Journal. Kyle holds a Bachelor of Science in Marketing from St. Cloud State University. He lives in Champlin with his wife and 3 children. He has enjoyed volunteering as a soccer coach for over 6 years and was the former Director of Coaching for Rebels Soccer Club. If Kyle isn’t on the sidelines of one of his children’s soccer games or in the audience of his eldest’s musicals, he can often be found cruising scenic routes on his Harley, in a deer stand, or on the golf course.