Broadband Internet access opens the world to businesses, both large and small. Companies from throughout our region have efficient access to an array of resources, including point-of-sale systems, online accounting, digital marketing opportunities and the latest communications tools.
In fact, rural small businesses face significant threats, according to a recent report by Symantec, a firm focused on digital security. About 30 percent — three out of every 10 — cyber attacks target small businesses.
Attackers may take advantage of security controls that are often weaker in small businesses than in larger companies.
But the risk from weak cyber security may extend beyond a single small business. In today’s connected world, a small business might have a trusted relationship with a larger company that may include the sharing of digital information between organizations. An attacker can target the weakest link, often the small business, and those vulnerabilities can then be exploited to eventually reach the larger company.
Last year, Target learned a costly lesson. A hacker leveraged the trust between Target and a small vendor. The result? The attack compromised credit card details and the personal information of Target customers. Estimates for the potential financial loss from the assault climbed into the millions.
While the risk of cyber attack is high, most small business owners have a false sense of security, according to a survey by the National Cyber Security Alliance.
In fact, 77 percent of small business owners who were surveyed reported that their business was safe from cyber threats, such as hackers, viruses and malware.
The same report, however, provided a contradiction. Eighty-three percent of surveyed business owners reported having no formal cyber security plan.
While there are many possible threats, three are most common:
Trojans — Not all digital notes arriving from the Internet deserve trust. A message might appear to come from a reliable source, such as a bank. That message, however, could be from a hacker hoping to lure you into providing passwords, account numbers or other sensitive personal information. Avoid clicking on a link in an email. When in doubt, contact the sender and verify that the message is legitimate.
Social Engineering — Just asking is often the easiest way for a bad guy to get your password. A cyber criminal might pose as someone who is trusted in hopes of a small business employee giving up secure information. Business owners should inform employees of the risk and train them to respond.
Malware — Many forms of malicious software fall into this category of attack. Keeping all software, operating systems and anti-virus tools updated to the latest versions can lower risk.