Hackers are starting to forgo “big scores” that are harder to accomplish, and have been moving on to ultimately easier thefts from smaller and medium-sized businesses whose generally lax to non-existent security systems equal easy profits for thieves. “Takes” from larger firms could involve significantly greater sums of money, but hackers know it’s much less difficult to victimize small companies, even if they can only net smaller amounts of money.
In physics, there is a concept known as “the path of least resistance,” which states that objects moving in a system take the path where they will encounter the fewest challenges and hurdles in order to quickly move to wherever they are going. Sadly, it’s clear that this same principle applies to hackers nowadays.
Let’s examine a couple of the reasons why this troubling trend is building.
Reason 1: Lack of IT Infrastructure Support in Small Businesses
First, smaller companies generally have much more vulnerable IT systems. Security is minimal or average at best, and hackers don’t attract as much attention in exploiting this weak security compared to trying to breach the much more complicated, state-of-the-art security systems of bigger firms and businesses. There are often fewer people (and sometimes zero people), dedicated to monitoring systems security in smaller businesses, so hacks can go undetected for longer periods of time.
Sadly, there are countless examples of small businesses that have been damaged by thieves. Take a small, two-location newsstand business in Chicago as one illustration – cybercriminals were able to install a Trojan horse in the cash registers that sent swiped credit card numbers to Russia. When the breach was discovered, Mastercard demanded an investigation at the business owner’s expense, and the proprietor had to shell out a hefty $22,000 to satisfy the credit card company’s requirements. While this expense did not cause permanent problems for the business, there are many small companies that could not as easily recover from a $22,000 loss.
Reason 2: Ignorance of Risks
A survey by the National Retail Federation and First Data Corp. in the United States revealed that more than half (64%) of small or medium-sized businesses believed that they ran NO risk of being victimized by hackers, though 86% of respondents stated they care about keeping customer data safe. So, while there are plenty of good intentions, many smaller businesses simply don’t realize that they need to be proactive to keep their data safe from hackers.
In the end, the loss of a few thousand dollars from theft or absorbing credit card companies’ investigation costs following a breach, may not be much for a big business, but it can significantly damage or even force smaller organizations to permanently close. These days, data breaches are all over the news, and even if your business can survive one, your reputation can take a hit as customer trust is lost.
Fortunately, you do not have to put your business at risk. The IT security experts at Technical Action Group are here to keep your small business safe. Contact us todayso we can discuss options for improving the security of your business’s systems and sensitive customer data.