Search By Topic:

Popular Topics:



News & Features | Sep 16th, 2011

Hacking Small Businesses Is Big Business for Cybercriminals

Jan Legnitto

From TJ Maxx to Sony, Citibank and Twitter, the growing list of  companies that have fallen victim to hackers reads like Who’s Who in American Business. That might lead small and medium sized business owners to conclude one of two things:  they’re protected from hack attacks because they’re too small to be tantalizing targets. Or even if they aren’t safe, there’s nothing they can do to protect themselves.

For Cybercriminals Planning Hack Attacks, Small is Beautiful

The reality is both of these assumptions are dead wrong. And for the average business owner, both of them could prove to be fatal.  According to Verizon’s 2011 Data Breach Investigations Report, small to medium sized businesses have become hackers’ main targets. Why? Because cybercrime organizations using automated hacking can steal as much or more data from them with less risk of getting caught.

Take the case of Michelle Marsico who owns Village View Escrow Inc. in Redondo Beach, California. According to the Los Angeles Times, in 2010, hackers stole $465,000 from one of company’s business accounts. How did they do it? Marsico told the LA Times that cyberthieves may have gotten access to the account through her company’s computer system. Once in, they wired the money overseas. Only about 20% of it was recovered. Marsico has gone public about what happened to her to warn other business owners.

FBI Says Hack Attacks Are Targeting Small Business Accounts

In April, the FBI issued an alert about a type of hack attack in which thieves steal the online banking login information of businesses and use it to transfer money out of their accounts. According to The Wall Street Journal, that’s what happened to Lease Duckwall, owner of Green Ford Sales Inc. in Abilene, Kansas. Last November, a hacker added nine new employees to the car dealer’s payroll and transferred $63,000 to them. Duckwall didn’t find out until the next morning. That was soon enough to have his bank freeze the funds in six of the cases. But the other three payments had already been withdrawn; and the cash had been wired offshore.

If your business network, database or website is hacked, the cost to your company could be staggering. A recent blog post on IEEE Spectrum online reported that the annual amount stolen from small business bank accounts that have been hacked is one billion dollars or more annually. To make matters worse, there’s currently no law that protects small businesses from fraudulent wire transfers. That means, if the bank can prove that it was your account that was hacked, you’re responsible.

A 2010 Symantec survey of small and medium sized businesses found that 73% of the businesses in the study said they had been targets of cyberattacks in the past year.  The survey found that small to medium sized companies reported the average annual cost of cyberattacks was over $188,000. That includes everything from stolen funds and legal expenses to costs associated with notifying the company’s customers and securing its computer system.

Many cyberattacks against small and medium sized businesses use sophisticated malware and social engineering techniques that fly under the radar of conventional security tools. Remember, the cost of just one hack attack can far exceed the cost of implementing security procedures to protect your company’s online security.

Make It Your Business to Protect Your Business from Hackers

  • Make sure your firewall is turned on and all your company’s software is up to date. That means everything from your operating system and your web browser to virus, spyware and malware detection software. Run frequent scans.
  • Educate your employees about security procedures and policies.
  • Change the default identifier and the administrative password that your router was shipped with.
  • Use strong passwords for your employees – a complex combination of letters, numbers and symbols that are difficult for others to guess.
  • Set your company’s system and browser security settings at medium or higher.
  • Remove unnecessary data by eliminating it safely or storing it securely and regularly monitoring it.
  • Have a network security audit performed to find out whether your company has any security vulnerabilities.
  • Disable file sharing on company laptops used in the field.  Make sure they have adequate security protection in case they’re lost or stolen.
  • Make sure your company limits access to sensitive information in your network.
  • Use a virtual private network solution like PRIVATE WiFi ™ for protection against hackers. VPNs encrypt the data traveling to and from your computers, making it invisible to hackers. That’s especially important when employees use personal or company laptops to conduct business at wifi hotspots and other unsecure networks.
  • If your company is hacked, don’t try to hide it. Know your state’s data breach notification laws. They can require reporting breaches to customers and law enforcement officials in every state where you do business.

If your business was hacked, we’d like to hear what happened. Drop us a line and share your story.

Associated Topics:

Associated Topics:


Related Posts

Protecting Your Identity with the Internet of Things

Thought Leadership
Eva Velasquez | May 21st, 2015

The internet of things—or IOT, as it’s commonly known—was once the stuff of science fiction, a newfangled “wave of the future” concept only experienced at futuristic demonstrations like the World’s Fair. But now many of these devices are already in use in millions of households around the world. They’ve become an interesting yet somehow still unknown entity in the world of technology, and industry experts have stated these products will be the norm just a handful of years from now. Read More

Avira Offers PRIVATE WiFi’s VPN As Part of New Bundle

News & Features
Jared Howe | May 14th, 2015

Germany-based security company, Avira, just announced the release of a new bundled product which includes both their Antivirus Pro and PRIVATE WiFi.  This bundle protects users from both malware infection and data theft. Read More

Online Dating and Pubic WiFi: How Secure Is It?

Thought Leadership
Nikki Junker | May 5th, 2015

You never want to share sensitive information like online banking accounts or credit card portals over unsecured public web connections, but the truth is online dating profiles can often contain just as much data as either of those. In fact, your online dating profile—if falling into the hands of a hacker—can cause far more personal safety problems than your banking data. After all, with online banking a thief just gains access to your checking account; with online dating data, a criminal could gain access to your home address, your workplace, any children’s or family members’ names, and more. Read More

Why I Started Private Communications Corporation

Thought Leadership
Kent Lawson | Apr 28th, 2015

Kent Lawson, Founder and CEO of Private WiFi, talks about what inspired him to start the company. This is the first in a series of weekly CEO blog posts on this and other topics. Read More


Thank you for subscribing to our newsletters

Your email has been added to our system. You will be e-mailed shortly with a request to confirm your membership. Please make sure to click the link in that message to confirm your subscription.