According to Verizon's 2018 Data Breach Investigations Report (11th Edition), there were over 53,000 security incidents and 2,216 confirmed data breaches. Of the victims, 58% were small businesses. Exposure to attacks isn't something new; I've previously written about protecting client and customer data. But this new report sheds some rather startling light on the problem of data breaches for small businesses. I think the findings may give you a heads up on where attacks come from. And, as you'll see, I'll suggest what you should do to protect your business to the extent possible.
About the data breaches
You may think that breaches primarily come from hackers who are based in foreign countries. You'd be a little off base. Most breaches (73%) were still the work of outsiders, but 28% involved internal actors, such as a company's own system administrators. Other internal actors identified in the report include doctors and nurses in health care facilities, developers, managers, executives, cashiers, and human resources staff.
It’s not always easy to discover that you’ve been hacked. The report found that 68% of breaches took months or longer to discover.
Why are these breaches occurring? There's no single answer, but 76% of breaches were financially motivated. A breach can expose personal information, payment data, and company secrets.
How are the breaches done? Attacks include:
- Ransomware. This is malicious software that encrypts your files or locks a computer until money (a ransom) is paid. According to Verizon's report, it's the most prevalent variety of malicious software seen in incidents.
- Botnets. According to Techopedia, this is defined as a group of private computers infected with malicious software and controlled as a group without the owners’ knowledge, to transmit malware or spam. A botnet is also referred to as a zombie army.
- Distributed Denial of Service (DDoS) attacks. TechTarget defines a DDoS attack as "an attack in which multiple compromised computer systems attack a target, such as a server, website or other network resource, and cause a denial of service for users of the targeted resource. The flood of incoming messages, connection requests or malformed packets to the target system forces it to slow down or even crash and shut down, thereby denying service to legitimate users or systems."
What to do
This is always the key question: how can you prevent becoming a victim, and what can you do if you are a victim despite your best efforts? There's no single answer. There's no one product that will block out all attacks. I recently experienced something akin to a DDoS and here's what I've learned. Keep in mind that I'm no tech expert but have learned from experience.
- Use standard anti-virus products for basic protection, keep them updated, and keep your operating system and applications patched. This will keep many attacks from penetrating your system, though not the ones that rely on a stolen password or a tricked employee.
- Back up data regularly. If you experience ransomware, you're in a better position to decide whether to pay up (paying does not guarantee you'll get your files back). You can also wipe your system and reload your backed up data. Two caveats: ransomware will also encrypt any backup drive or shared folder it can reach, so keep at least one copy offline or on storage the infected computer can't write to; and a backup you've never tried to restore isn't a backup, so test a restore periodically.
- Educate employees. Many malicious attacks enter by invitation, meaning that an employee may innocently open an infected attachment or click a link in a phishing email. Set policy on email and Internet use.
- Have IT help on speed dial. Most small businesses don’t have IT departments, so make sure you know where to turn if you experience a problem.
- Consider cyber liability insurance. If you’re breached, the cost can be catastrophic. For example, if you hold personal information on employees and customers (e.g., bank/credit card information), you may be required by law to inform these individuals and provide credit monitoring or other services for them. Check your existing policy to see if it includes any cyber liability coverage (mine does because of the nature of my business and the type of business policy I carry). Likely you’ll need a separate policy.
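To make the backup advice above concrete, here is an added example (my own illustration, not code from the original post or from Verizon) of the two things that matter most when ransomware hits: a backup with a recorded integrity manifest, so you can tell which files were tampered with and confirm the backup itself is intact before you restore from it, and a restore you have actually tested. The directory names, the invoice and customer files, and the "ransomware" that overwrites a file and drops a ransom note are all constructed for the demonstration; a real deployment would write the snapshot to offline or write-protected storage, which this script does not do.

```python
"""Versioned backup with a SHA-256 manifest, damage detection and verified restore.

Added example for a small-office backup routine. All paths and sample files
below are constructed for the demo (a temporary directory), not real data.
"""
import hashlib
import os
import shutil
import tempfile
from datetime import datetime, timezone
from pathlib import Path


def sha256_file(path: Path) -> str:
    """Hash a file in chunks so large files don't have to fit in memory."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(root: Path) -> dict[str, str]:
    """Map every file under root (relative path) to its SHA-256 digest."""
    return {str(p.relative_to(root)): sha256_file(p)
            for p in sorted(root.rglob("*")) if p.is_file()}


def make_backup(source: Path, backup_root: Path) -> Path:
    """Copy source into a new timestamped snapshot and record a manifest beside it."""
    stamp = datetime.now(timezone.utc).strftime("%Y%m%dT%H%M%S%fZ")
    snapshot = backup_root / stamp
    shutil.copytree(source, snapshot / "data")
    manifest = build_manifest(snapshot / "data")
    (snapshot / "MANIFEST.sha256").write_text(
        "".join(f"{digest}  {name}\n" for name, digest in manifest.items()))
    return snapshot


def read_manifest(snapshot: Path) -> dict[str, str]:
    """Parse the 'digest  name' lines written by make_backup."""
    manifest = {}
    for line in (snapshot / "MANIFEST.sha256").read_text().splitlines():
        digest, name = line.split("  ", 1)
        manifest[name] = digest
    return manifest


def verify_snapshot(snapshot: Path) -> bool:
    """True only if every file in the snapshot still matches its recorded hash."""
    return build_manifest(snapshot / "data") == read_manifest(snapshot)


def changed_since_backup(snapshot: Path, live: Path) -> list[str]:
    """Files that differ between the live directory and the snapshot.

    After a ransomware event this is the list of encrypted, deleted or newly
    dropped files (ransom notes included)."""
    recorded = read_manifest(snapshot)
    current = build_manifest(live)
    return sorted(name for name in recorded.keys() | current.keys()
                  if recorded.get(name) != current.get(name))


def restore(snapshot: Path, target: Path) -> None:
    """Replace target with the snapshot's data, refusing a snapshot that fails its check."""
    if not verify_snapshot(snapshot):
        raise RuntimeError("snapshot failed integrity check; do not restore from it")
    if target.exists():
        shutil.rmtree(target)
    shutil.copytree(snapshot / "data", target)


def demo() -> dict:
    """Constructed scenario: back up, simulate ransomware, detect damage, restore."""
    work = Path(tempfile.mkdtemp())
    live = work / "office"
    (live / "invoices").mkdir(parents=True)
    (live / "invoices" / "2018-04.txt").write_text("Invoice 1001: $450.00\n")
    (live / "customers.csv").write_text("name,email\nAda,ada@example.com\n")

    snapshot = make_backup(live, work / "backups")
    backup_ok = verify_snapshot(snapshot)

    # Simulated ransomware: overwrite one file with junk and drop a ransom note.
    (live / "customers.csv").write_bytes(os.urandom(64))
    (live / "README_DECRYPT.txt").write_text("pay 1 BTC\n")
    damaged = changed_since_backup(snapshot, live)

    restore(snapshot, live)
    after_restore = changed_since_backup(snapshot, live)
    shutil.rmtree(work)
    return {"backup_ok": backup_ok, "damaged": damaged, "after_restore": after_restore}


if __name__ == "__main__":
    print(demo())
```

The manifest is what turns a pile of copied files into something you can trust: if the snapshot's own hashes no longer match, the backup drive was reachable by the malware and you need an older or offline copy. Running `demo()` walks through the whole cycle and reports which files the simulated attack touched and that nothing differs once the restore completes.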