Skip to content

Hackers continue their assault on America’s small businesses

by Neal O'Farrell on April 18th, 2013

The recently published 2012 Internet Security Threat Report from Symantec offers a deep and sometimes chilling insight into the world of cybercrime, the crooks, and the victims.

The report is pretty comprehensive but one of the first snippets to jump out at me was Symantec’s discovery that the largest growth area for targeted attacks in 2012 was the small business. Businesses with fewer than 250 employees accounted for nearly a third of all attacks detected by Symantec. And that was double the previous year.

Yet another clear sign that the small business is clearly a hot target for hackers. According to Symantec, “small businesses believe they are immune to attacks targeted at them. However, money stolen from a small business is as easy to spend as money stolen from a large business. And while small businesses may assume that they have nothing a targeted attacker would want to steal, they forget that they retain customer information, create intellectual property, and keep money in the bank.”

Small business owners have argued for years that they can simply hide in the crowd because there are simply so many of them (27 million in the U.S. alone), and hackers will never find them. They forget though, that hackers are using sophisticated automated tools to prod and probe millions of small businesses, and jump on the ones, the many, they find vulnerable.

Those vulnerabilities can lead to data and identity theft, the distribution of malware and ransomware, the launch of crippling Denial of Service attacks, and even the blacklisting of the business web site by search engines.

Symantec also made another argument that could point to the selfishness of some business owners when it comes to security. And that even if you won’t do it for yourself, do it for others. “The lack of adequate security practices by small businesses threatens all of us,” says Symantec. “Attackers deterred by a large company’s defenses often choose to breach the lesser defenses of a small business that has a business relationship with the attacker’s ultimate target, using the smaller company to leap frog into the larger one.”

In the coming weeks I’ll be highlight even more research that reveals the stunning number of small business web sites that are identified with major security vulnerabilities each month, and evidence that hackers are actively hijacking these sites.

From → In the Headlines