Small Businesses Are Under Cyber Attack

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

Ransomware, crypto jacking and phishing are now the biggest threat to the survival of small- and medium-sized companies (not to mention large companies, local governments, and even the federal government). Here are some sobering statistics:

  1. Ransomware or hackers attack a business every 14 seconds in the United States.
  2. Sonicwall (a major firewall vendor) reported a 300% increase in the frequency of attacks in 2018.
  3. Ransomware attacks on healthcare organizations will quadruple by next year.
  4. The financial impact of ransomware attacks against small companies is predicted to reach $11.5 billion dollars in 2019.
  5. MOST ALARMING: 91% of cyberattacks begin with a spear phishing email, the most common way to infect a company with ransomware.

The threat landscape has changed significantly in the last 12 months. It used to be the reliability of our client’s backups and disaster recovery options that would worry me at night.

Now, it is that Susie in accounting will get an email from what looks like a friend, click on a link, and in 60 seconds, accidentally encrypt and infect the client’s entire network. This is happening hundreds of times a week across the US to companies of every size.

We checked our firewall here at Tech Experts’ – our own firewall! In the 10 minutes I captured the log, our firewall stopped 11 attacks from countries like China, Romania, Russia and Korea. That is more than one per minute.

As I said, the threat landscape facing small- and medium-sized companies has changed entirely and has never been more dangerous.

With nearly a billion dollars a month of potential ransomware payouts, all of the bad guys – including nation-states like Russia and China – are putting a ton of resources into attacking anyone and everything in the hopes of hitting pay dirt.

The truly scary part: We have to get your systems and network protection 100% right, 100% of the time. Your employees have to be smart about their email and what they click on 100% of the time. However, the cyber-criminals only have to get things right once and we’ve all lost.

So, what are we going to do about it?

Simply, we have to help our clients implement good cyber and security hygiene, deploy security best practices such as complex passwords and password rotation, lock down application installations and other local admin rights, and expand the protection layers with more comprehensive security applications.

We do a lot to protect your network and your business – but we have to do more. Please call our office to discuss IT security for your company.