Nearly 43% of hacking attacks affect small businesses, 60% of which go out of business within 6 months.

What Can a Business Do to Safeguard Against Cyberattacks?

December 1, 2017

Cyberattacks are in the news almost every day. Hackers are constantly on the lookout for data to steal—personal information, financial records, intellectual property, or whatever valuable data they can get. They can use the purloined data to steal money from bank accounts or to set up credit cards, or they may simply sell the personal information to a third party. Recent statistics show nearly 43% of
hacking attacks happen to small businesses. Even worse, 60% of small businesses that experience an attack go out of business within 6 months. But businesses can minimize vulnerability and consequences from cyberattacks.

Understanding the different types of cyberattacks helps develop strategies to protect against them.

  • Weak Passwords: Using one password for all logins gives hackers easy access to multiple digital venues containing personal and sensitive business information. With a low-cost graphics card, a hacker can run billions of eight-character passwords in a minute. The hacker can be successful less than 1% of the time and still gain access to a staggering amount of data.

  • Malware Attacks: Malware captures keystrokes, passwords, and data. An infected website, USB drive, or application gives the hacker enough accurate information to gain access to data.

  • Phishing Emails: These emails look like they come from an official source from inside or outside the company. They can come in different types. The first type directs the user to a doppelganger website and prompts the user to enter the user’s password. Then the hacker can access the official website using the password. The second type looks like an official workplace email that directs the user to accomplish a task.

  • Social Engineering: This encompasses a wide range of hacking techniques. One technique is for the hacker to pretend to be the user and force a reset of the password. Another is for the hacker to gain access to the user’s social media and create a twin account. Once the hacker has access to the original account, the hacker then has access to the information belonging to the user’s followers, friends, and contacts. The hacker can even use the twin account to gain access to credit card or banking information by offering a product or service that seems to come from the user.

  • Ransomware: Hackers hold a website hostage until the owner of the website pays a ransom. Paying the ransom doesn’t always unlock the website.

  • The Next Hacker Innovation: Hackers spend a lot of time and effort in navigating through barriers. Even before a type of cyberattack loses its effectiveness, hackers are on to developing the new technologies for cyberattacks.

But there are some measures a business can take to curtail its vulnerability, including:

  1. Conduct a security audit. Have a professional look at your technology infrastructure at all levels including e-storage, desktop computers, and other personal devices used by your employees.

  2. Don’t store more customer information than you really need. For example, if the business doesn’t need credit card information, there’s no reason to ask for it in the first place. If you do ask for information that is no longer relevant, set up a system to purge the information from your e-storage.

  1. Use cybersecurity software and keep it up to date. When one door is closed, a hacker will find another door or a window to get to information. Up-to-date cybersecurity software is designed to close the doors and windows.

  2. Train your employees to frustrate attacks. Security breaches often occur because employees unintentionally give sensitive information to a hacker disguised as a reputable contact, or they click on a malicious link. Even the most vigilant employee can get caught unaware. Give your employees the information they need to look out for, and avoid, potential threats. For example, creating strong passwords, being suspicious of links from unknown sources, being careful about the use of social media, and questioning unusual directives from a seemingly trusted source. Mobile employees should be careful about using free Wi-Fi networks such as in airports, coffee shops, and even on commuter trains.

  3. Encrypt sensitive data. Encryption can thwart data theft. For instance, if the data is on a thumb drive that is lost or stolen, whoever accesses it won’t be able to read it.

  4. Get cybersecurity insurance. General business insurance doesn’t automatically cover data breaches. Cybersecurity insurance is becoming more and more available. Cybersecurity insurance will cover most costs that result from hacking.

  5. Use virtual data rooms. A virtual data room is an online storage that only allows access to those who have the proper credentials. The virtual data room is a good place to store trade secrets, financial information, and other confidential information.

Nothing is foolproof when it comes to protecting against hackers, but with careful planning and diligence, a business can take many positive steps to frustrate cyberattacks.