Why are SMEs particularly at risk?
A 2021 Ipsos Mori survey found that 27% of small businesses were attacked once a week and only 15% had carried out a cyber security audit, meaning they had no knowledge of where the vulnerabilities in their systems can be found.
A small business may not prioritise cyber security because they don’t have the budget or processes in place to protect them from a cyber attack. But the financial loss of an attack could cause irrevocable damage to an SME.
Another factor is that SMEs often associate cyber attacks with big organisations or institutions. They often think, ‘well, why would anyone care about targeting me?’ – when in reality that line of thinking is exactly why attackers do target SMEs. So let’s talk small business cyber security!
Why is protection important?
The importance of securing your business is to prevent unauthorised access to a substantial amount of personal and business information that is stored on devices and hardware.
Digital platforms and devices play an important role in making businesses a success. This ranges from online banking, to storing private and confidential information online, website platforms and social media. Thus, if one of these were to get hacked, this could cause severe damage to your business.
The main purpose is to protect the devices, services and networks used within organisations, especially small business cyber security.
Below outlines the key areas as to why it is important to protect your SME:
- It prevents data breaches. Avoid personal, company and customer information being leaked via the internet. A data breach can impact your company reputation, making it difficult to retain existing customers and gain new ones.
- A cyber-attack can damage important files, hardware and software. This will result in downtime for your business while the issue is being resolved. This can mean your business will lose money.
- By being resilient, you will be prepared for a situation arising and ensure there is a response plan in place. This means you will not lose important data and you can get back up and running quickly and efficiently as soon as possible.
What are the main threats for small business?
Malware
Malware is malicious software specifically designed to cause damage to a computer, server, contacts, or computer network. There are many forms of malware, this includes: viruses, worms, trojan horses, spyware, ransomware, scareware, botnets and rogue security.
Each of the Malwares are a programme which replicates itself by transforming other computer programmes and inserting its own code. Users can frequently be tricked into clicking on links which can then infect their computer.
How can you prevent this?
- Update your operating system, browsers, and plugin
- Remove software that is no longer used
- Be conscious of fake security numbers
- Utilise a strong password
- Ensure your business is using firewall and anti-ransomware technology
Ensure your computer software is updated regularly to protect any viruses from harming your network, systems, and devices.
By installing an anti-virus software, it will allow updates to be made regularly and clear out any harmful or potential harmful viruses.
It’s also important to ensure you’re aware of the signs of a virus so you can deal with the problem quickly. Signs that your business computer has a virus include:
- Unexpected shutdowns
- Your computer has slowed down and/or takes a long time to shut down or restart
- Repeated error messages
- New toolbars you didn’t install
- Changes to your homepage
- Your battery drains very quickly
Phishing
Phishing scams are used to obtain sensitive information such as usernames, passwords, financial details such as credit cards. This sensitive information can be obtained by disguising itself as an email or text message.
How can you prevent this?
The most common email signs are:
- Spelling and grammar mistakes
- It’s from a shop or provider you don’t use
- They might be pushy, rude or demanding
- They ask for financial or other personal information. A genuine company would never ask you to supply this type of information over an email
- It includes a suspicious attachment
- The email address looks suspicious. Before responding to anything, always check the email address.
- The link looks suspicious. If you hover over the links in the email and they don’t show the URL of the company the email is apparently from or are lengthy and confusing, this is another sign of a phishing attack
Ransomware
Ransomware infects your computer and holds data to ransom; this can lead to a demand of a substantial amount of money for its release. It occurs through gaining access to computers via phishing emails with infected links or attachments which employees can click without knowing it’s infected.
Below are common signs of a ransomware attack:
- You can’t access your desktop or files
- Your files have a new extension appended to their name. While a word document will have .doc at the end for example, an infected file might have a strange extension such as .ezz
- Software tools you haven’t installed are appearing on your network
- Unexplained administrator accounts have been created
If a ransomware attack occurs within your organisation, it is important that the demanded payment is not paid. By paying the amount, it does not ensure that you will get your files back nor does it prevent future attacks.
How can you prevent this?
- Conduct regular back ups
- Update all software
- Use strong security software
DDoS Attacks
DDoS stands for a distributed denial-of-service attack. This is to purposely attempt to disrupt traffic to a network, this will result in businesses not being able to trade for minutes, hours and at times days. This is due to the company’s server shutting down.
How can you prevent this?
- Secure your network infrastructure
- Update systems and networks regularly
- Know the amount of bandwidth your business uses and add more if needed
- Ensure basic network security is installed
Hacking
Many businesses can get hacked for many reasons. Below are ways to prevent hackers from gaining access to your network and system:
- Use strong passwords
- Use two-factor authentication
- Have different passwords for everything
- Choose an Internet Service Provider that offers built-in security features
- Keep anti-virus and anti-spyware software up to date
- Install a network firewall
- Encrypt customer data and sensitive information
- Limit access to certain online information
- Block high-risk sites from being viewed by employees
Viruses
Ensure your computer software is updated regularly to protect any viruses from harming your network, systems, and devices.
By installing an anti-virus software, it will ensure updates are made regularly and clear out any harmful or potentially harmful viruses.
It’s also important to ensure your small business is aware of the signs of a virus so you can deal with the problem quickly. Signs that your computer has picked up a virus include:
- Unexpected shutdowns
- Your computer has slowed down and/or takes a long time to shut down or restart
- Repeated error messages
- New toolbars you didn’t install
- Changes to your homepage
- Your battery drains very quickly
Although the risks of virtual attacks are high, especially for small businesses, it is extremely important to ensure you take the steps above to reduce/or eliminate it from occurring by ensuring employees are always trained and are aware of the signs.
Contact National CRC Group today to find out how we can help you and your small business with cyber security for your networks and systems.
