Protect small biz from cyber attacks

By Joyce M. Rosenberg, The Associated Press | June 18, 2018 | Last updated on June 18, 2018
2 min read

Small businesses suffered a barrage of computer invasions last year, but most took no action to shore up their security afterward, according to a survey by U.S. insurer Hiscox.

It finds that 47% of small businesses say they had one attack in 2017, and 44% say they had two to four attacks.

The invasions included ransomware, which makes a computer’s files unusable unless the device’s user or owner pays a ransom, and phishing, in which emails that look legitimate are used to steal information. The invasions also included what are called drive-by attacks, which infect websites and in turn the computers that visit them.

Read: Ripple, not bitcoin, set to convert crypto cynics: deVere CEO

Despite the prevalence of the data invasions, only about half of small businesses say they had a clear cybersecurity strategy, the report finds. And nearly two-thirds say they didn’t bolster their security after an attack.

Hiscox estimates that seven out of 10 businesses aren’t prepared to handle cyber attacks, although they can cost a company thousands of dollars or more. Ransomware can shut down operations.

Cybersecurity tends to get pushed to the back burner while owners are busy developing products and services, and working with clients and employees. Or owners may see it as an expense they can’t afford right now.

Read: Regulators talk tech, with tips for dealers

Here are some tips for small business owners.

  • Back up all of a company’s data securely. This means paying for a service that keeps a duplicate of all files on an ongoing basis. The best backups keep creating versions of a company’s files that can be accessed in the event of ransomware—eliminating the need to pay data thieves. Some backups cost just a few hundred dollars a year.
  • Install software that searches for and immobilizes viruses, malware and other harmful programs. Also install firewalls and data encryption programs.
  • Make sure business owners have all the updates and patches for your operating systems for all your devices. They often include security programs.
  • If owners have a website, learn how to protect it from hackers, using software including firewalls. But owners might be better off hiring a service that will monitor their sites with sophisticated tools that detect and disable intruders.
  • Tell employees, and keep reminding them, about the dangers of clicking on links or attachments in emails unless they’re completely sure the emails are from a legitimate source. Educate employees about phishing attacks and the tricks they use. Phishers are becoming increasingly sophisticated and are creating emails that look like they really could have come from your bank or a company you do business with.
  • Hire an information technology consultant who will regularly look at your systems to be sure you have the tools you need to keep your data safe.

Read: StatsCan survey will examine digital economy

The Associated Press logo

Joyce M. Rosenberg, The Associated Press

Joyce M. Rosenberg is a reporter with The Associated Press,  an American not-for-profit news agency headquartered in New York City and founded in 1846.