Cyber criminals are going after small businesses more than ever, with startups at the greatest risk. Targeted attacks on small businesses increased 42% in 2012 from the previous year, according to a new report by the $6.9 billion security software giant Symantec Corp, headquartered in Mountain View, California.
Symantecâ€™s 2013 Internet Security Threat Report, Volume 18, highlighted cumulative data of attacks in 2012. One of the main findings was that 31% of all targeted attacks are directed at small businesses with less than 250 employees. Moreover, cyber attackers target startups as quickly as two months after a new business sets up its website and exchanges its first emails and instant messages. Within 10 months, most startups have been infected with malware, the report states.
Small businesses are easy targets for cyber criminals for several reasons; one being the lack of security practice. Small business owners are mistaken in believing they donâ€™t have what cyber attackers want and thinking that they are immune to attacks targeted at them, says Kevin Haley, director of product management for Symantec Security Response, a worldwide team of security engineers, threat analysts and researchers.
What cybercriminals want most is money, which they try to get their hands on by collecting various information including bank account numbers, customer data, and intellectual property. According to Symantec, this information can be accessed when cyber attackers use sites to redirect users to malicious sites, or when they send emails with links to bad websites. The threat report further showed that roughly 32% of all mobile threats steal information.
Criminal activity is often driven by crimes of opportunity. Attackers know small businesses are less careful in their cyber defense than larger enterprises and they use this to their advantage. Symantecâ€™s threat report also revealed that attackers use small companies to lure in larger companies. Being that a larger companyâ€™s defenses usually stop attackers from gaining access to their data, they often target a smaller business that has a relationship with a larger company in order to gain access.
Haley offers the following six tips on how small business owners can protect their companies from cyber attacks: