After the numerous security breaches that happened on large organization during the past few months, small businesses are being encouraged to improve their security. A lot of entrepreneurs are not aware that small businesses are also exposed to the same level of risk just like the large businesses. During this situation, sensitive information about the users of an app will be obtained by the hacker. Based on the latest report, at least 50% of the small companies have experience security breach over the past 12 months. The other question is why aren’t they reporting this? Cyber threats are real and we need to make sure we have some kind of cyber security plan.
Why Some Hackers Prefer Small Business?
Security breaches on large or organization such as Home Depot and Target will surely land on the headline. However, the larger percentage of security attacks that happened on small companies should not be ignored. The primary reason why most hackers prefer to target them is they have larger digital assets on a particular customer compared to large companies. Another important factor why hackers prefer them is their low level of security. Based on the infographic that was released by Tower Insurance, at least 82% of the small business owners believe that they are not the target of these attacks which means that they do not invest on their digital security.
Kinds of Cyber Attacks
The usual goal of the cyber attacks is to steal and take advantage of the sensitive information and data. They can steal the credential of the customer or the credit card information. The techniques that the hackers can use to launch an attack will vary, and it is continuously evolving as the industry also introduces the latest security mechanism. Here are some of the most common attacks.
- Advanced Persistent Threats (APT) – this is a long-term cyber security attacks that is being conducted on numerous phase in order to avoid being detected by the system.
- DDoS – Distributed Denial of Service or popularly known as DDoS will possibly occur when there is an elevated amount of requests on the server. The goal of this attack is to shut down the network system or website of the target.
- Inside Attack – This can be launched by the person with an administrative access. Some authorized personnel can misuse his authority and access the sensitive information of the company. Former employees who leave the companies with grudge may also be a threat.
- Password Attack – There is different types of password attacks. The hacker may use brute force wherein the hacker will guess the word, they can also use dictionary attack where the hacker will use a combination of words found in the dictionary and key loggers that will record the login credentials of the user.
- Phishing – This is the most common method used by the cyber attackers. The hacker will deploy an authentic-looking duplicate website that aims to steal the sensitive information and credential of the user.
After being aware of the common security threats, small businesses are encouraged to organize a comprehensive security solution to stay away from these attacks. Using antivirus can help you prevent malware, but for other attacks such as inside attack, you need to employ a company policy and increase the awareness of your employee on the consequences of these threats.
For all those small business owners that have CMS websites like WordPress, make sure to install your updates. Just in case you missed it, run updates and patch those plugins.
Happy Cyber Security Awareness Month!