Small businesses are, in many ways, the lifeblood of our economy, responsible for the creation of 64 percent of all new jobs in the U.S. These economic mainstays also account for 54 percent of all U.S. sales and approximately half of all private-sector payrolls. At the same time, however, these small businesses could be just one unlucky mouse click away from closing their doors if a malicious email attachment or a compromised website results in a data breach.
According to a 2012 study by the National Cyber Security Alliance, 60 percent of small businesses close their doors within six months of a data breach, which can cost a business money, but also reputation. But the Verizon 2013 Data Breach Investigations Report reveals that small and midsize businesses (SMB) are the top targets for cybercriminals, suffering breaches more often than larger firms.
Cyber-criminals have become even more efficient in recent years, with their attacks being precise and incredibly calculated. To get the biggest bang for their buck, the FireEye whitepaper states, cybercriminals target SMB segments to leverage the compromised SMB networks, launching attacks against other targets.
Click through to learn more about the FireEye’s top 5 reasons cybercriminals target the SMB sector.
Reason 1: Your data is more valuable than you think.
All businesses have information that needs to remain confidential — whether it is employee’s personal data or a customer’s credit card numbers. But in addition to having their own data, many SMBs also do businesses with other companies. These ties to their partners’ systems can include integrated supply chains or access to sensitive data and intellectual property of bigger corporations.
“It might not be your data they’re after at all,” the Verizon report states. “If your organization does business with others that fall within the espionage crosshairs, you might make a great pivot point to their environment.
While business owners may see their small business as a little fish in a big pond, the connections to the major targets — the big fish — can put small businesses at risk.
Reason 2: Cyber attacks offer low risk and high returns for criminals.
The Internet has made it possible for cybercriminals to launch attacks from anywhere in the world. Because of this, they are rarely caught or punished for their crimes. In addition, advanced malware can take weeks — even months — to detect.
Small businesses, in general, are not as equipped as larger businesses when it comes to detecting threats and responding proactively. With too much to gain, and almost nothing to lose, attackers have strong incentives to attack SMBs.