7 Facts about Attacks that SMBs Need to Know
Here are 7 facts about attacks that SMBs need to know, coming from an experienced Managed Service Provider.
Is your business prepared?
1. Phishing emails are at the most successful attack avenue.
Lack of cyber security awareness (training), weak passwords, and poor user practices are among the top reasons companies fall victim to cyberattacks.
As we reviewed in Don’t Become Hooked by a Phishing Scam:
The latest and greatest in these calamities is “phishing”, which is a coined phrase referring to the same concept as fishing – using a hook and bait to catch a fish.
The bait is communication via email and other means. The fish, anyone within your company.
No matter how upgraded your firewall is, how backed up your server is, or how many HR memos you send out sharing caution over spam emails, there is always at least one person who unknowingly clicks on a phishing email.
For better passwords check “Password or Passphrase? 5 Reasons to Use Passphrase”.
2. Ransomware is the #1 malware threat.
It comes to no one’s surprise that what any company, small business, or a giant corporation, fears the most is having their data under duress due to ransomware.
Yet, about 70% of Managed Service Providers report this type of attack as the most common malware threat to SMBs.
Interestingly enough, this point closely ties to #1 above since your own staff can be the weakest link within your organization or your last and best line of defense.
3. Covid-19 had an impact on security.
It did, but not as much as most people might think it did.
Survey results have revealed that there is a near-even split between MSPs who saw an increase in attacks and those who did not. This leads us to believe that the impact mostly came from a large workforce moving from a ‘protected’ office setup to what now is the “new normal” of work-from-home where security policies are (or were) not as secure.
It is critical for businesses to take measures to protect their network and data even when employees are working remotely. Make sure your IT department is taking the proper measures or ask a Managed Service Provider for advice on how to accomplish this.
4. Ransomware attackers have found their sweet spot.
MSPs reports indicate that the average ransom being requested of small businesses by the bad guys is about $5,600 (per incident), which is similar to last year’s $5,900 average. It seems these bad guys have found the sweet spot where businesses are “willing” to pay or can rapidly pay.
Depending on your organization’s financial situation, this may or may not seem like a lot, but the damage does not stop there. Reputation damage and productivity loss far exceed this.
It goes without saying that prevention goes a long way – there is no certainty the bad guys won’t just take the money to later sell your company data to someone else.
5. The impact of an attack sticks around.
62% of Managed IT Service Providers said that attacks impacted their clients’ productivity, and 39% said their clients experienced business-threatening downtime.
Downtime varied depending on the severity of the attack (the vector that was selected to penetrate) and the response either by internal means or by the MSP. It is a fact that no matter the response, there is a lot of stress and lost time trying to recover and then subsequent actions to “close the door” to ensure it does not happen again.
It continues to be true that phishing is the main avenue and it also continues to be true that personnel awareness helps to mitigate it.
6. The average cost of downtime is 94% greater than it was in 2019.
Downtime costs are nearly 50X greater than the requested ransom.
There are also 2 additional pieces of information to think about:
- The number of businesses being affected has increased by the same factor.
- There is no sign these attacks will decrease any time soon.
The obvious response to this is to get your staff aware and trained and, of course, talk to your Managed IT Service Provider to ensure you have proper backups and a realistic and practical business recovery solution in place.
7. Businesses with Disaster Recovery Solutions have an edge.
Businesses with BCDR (Business Continuity and Disaster Recovery) solutions are likely to experience much less downtime after an attack. Their data and networks are more easily restored so the business can continue much faster as measures are put into place to prevent future occurrences.
What would it cost your business to be down for hours, days, a week? A proactive approach offers peace of mind and long-term savings.
What does this really mean?
92% of MSPs predict that ransomware attacks will continue at current rates at the very least. It’s not going to get better.
If you were one of the bad guys and your ‘business’ was running well, would you stop? This ‘industry’ has become way too profitable for them.
You need to assess the security of your network, the competency of your workforce in preventing attacks, and the ability of your IT team to handle attacks and recover. Training, backups and disaster recovery solutions, and security policies and solutions must be a top priority.
Sound like a lot to handle? Find a reliable Managed IT Services Provider to handle it for you or have your IT Team liaise with one. Act!
What makes an MSP the top choice for protecting your business?
A whopping 84% of MSPs report being “very concerned” about ransomware, while only about 30% report that their clients feel the same way. They are aware of the gap between awareness and reality.
MSPs see business owners and executives not giving enough importance to this area while their personnel is not properly trained to prevent leaks and other undesirable incidents. This false sense of security is very dangerous.
95% of Managed Service Providers agree that their own businesses are increasingly becoming a primary target of attack. This makes a lot of sense since MSPs function as a protector for many other companies. Hacking such a company is like hitting the jackpot for the bad guys.
Fortunately, MSPs are aware of this and take every measure to strengthen their defenses with training and technological advancements to prevent this from happening. They are the best prepared to help your business do the same.
Does your company have a Business Continuity plan?
As you are undoubtedly aware, it’s your responsibility to protect your business from data loss and its chaotic aftereffects. We can help.
Even when you have a good IT Department, they are usually overwhelmed by providing support and other key functions within your organization. This is where we come into play as your Managed IT Services Provider – you will save time and money while having a team of highly trained professionals as your virtual IT team or an extension of your current one.
Reach out to us today to perform a complete risk assessment of your digital infrastructure and help you build a resilient security posture against various threats.
Reduce your IT costs by 25% to 30% while securing your data and maximizing uptime. Ask us how.
Tampa Bay Office: (813) 489-4122 | Washington D.C. Office: (703) 260-1119