Search By Topic:

Popular Topics:



News & Features | Sep 16th, 2011

Hacking Small Businesses Is Big Business for Cybercriminals

Jan Legnitto

From TJ Maxx to Sony, Citibank and Twitter, the growing list of  companies that have fallen victim to hackers reads like Who’s Who in American Business. That might lead small and medium sized business owners to conclude one of two things:  they’re protected from hack attacks because they’re too small to be tantalizing targets. Or even if they aren’t safe, there’s nothing they can do to protect themselves.

For Cybercriminals Planning Hack Attacks, Small is Beautiful

The reality is both of these assumptions are dead wrong. And for the average business owner, both of them could prove to be fatal.  According to Verizon’s 2011 Data Breach Investigations Report, small to medium sized businesses have become hackers’ main targets. Why? Because cybercrime organizations using automated hacking can steal as much or more data from them with less risk of getting caught.

Take the case of Michelle Marsico who owns Village View Escrow Inc. in Redondo Beach, California. According to the Los Angeles Times, in 2010, hackers stole $465,000 from one of company’s business accounts. How did they do it? Marsico told the LA Times that cyberthieves may have gotten access to the account through her company’s computer system. Once in, they wired the money overseas. Only about 20% of it was recovered. Marsico has gone public about what happened to her to warn other business owners.

FBI Says Hack Attacks Are Targeting Small Business Accounts

In April, the FBI issued an alert about a type of hack attack in which thieves steal the online banking login information of businesses and use it to transfer money out of their accounts. According to The Wall Street Journal, that’s what happened to Lease Duckwall, owner of Green Ford Sales Inc. in Abilene, Kansas. Last November, a hacker added nine new employees to the car dealer’s payroll and transferred $63,000 to them. Duckwall didn’t find out until the next morning. That was soon enough to have his bank freeze the funds in six of the cases. But the other three payments had already been withdrawn; and the cash had been wired offshore.

If your business network, database or website is hacked, the cost to your company could be staggering. A recent blog post on IEEE Spectrum online reported that the annual amount stolen from small business bank accounts that have been hacked is one billion dollars or more annually. To make matters worse, there’s currently no law that protects small businesses from fraudulent wire transfers. That means, if the bank can prove that it was your account that was hacked, you’re responsible.

A 2010 Symantec survey of small and medium sized businesses found that 73% of the businesses in the study said they had been targets of cyberattacks in the past year.  The survey found that small to medium sized companies reported the average annual cost of cyberattacks was over $188,000. That includes everything from stolen funds and legal expenses to costs associated with notifying the company’s customers and securing its computer system.

Many cyberattacks against small and medium sized businesses use sophisticated malware and social engineering techniques that fly under the radar of conventional security tools. Remember, the cost of just one hack attack can far exceed the cost of implementing security procedures to protect your company’s online security.

Make It Your Business to Protect Your Business from Hackers

  • Make sure your firewall is turned on and all your company’s software is up to date. That means everything from your operating system and your web browser to virus, spyware and malware detection software. Run frequent scans.
  • Educate your employees about security procedures and policies.
  • Change the default identifier and the administrative password that your router was shipped with.
  • Use strong passwords for your employees – a complex combination of letters, numbers and symbols that are difficult for others to guess.
  • Set your company’s system and browser security settings at medium or higher.
  • Remove unnecessary data by eliminating it safely or storing it securely and regularly monitoring it.
  • Have a network security audit performed to find out whether your company has any security vulnerabilities.
  • Disable file sharing on company laptops used in the field.  Make sure they have adequate security protection in case they’re lost or stolen.
  • Make sure your company limits access to sensitive information in your network.
  • Use a virtual private network solution like PRIVATE WiFi ™ for protection against hackers. VPNs encrypt the data traveling to and from your computers, making it invisible to hackers. That’s especially important when employees use personal or company laptops to conduct business at wifi hotspots and other unsecure networks.
  • If your company is hacked, don’t try to hide it. Know your state’s data breach notification laws. They can require reporting breaches to customers and law enforcement officials in every state where you do business.

If your business was hacked, we’d like to hear what happened. Drop us a line and share your story.

Associated Topics:

Associated Topics:


Related Posts

The Three Legs of Protection: Antivirus Software, Firewalls, and VPNs

Thought Leadership
Kent Lawson | Apr 15th, 2015

We've all heard about antivirus software and firewalls. But we probably don’t know as much about the third leg of computer protection: a VPN, or virtual private network. In his latest article, company CEO Kent Lawson says we do this at our peril, because the damage we can suffer from not using a VPN may far outweigh the risks of the other two combined. After the large-scale hack attacks over the past few years, VPNs are now earning their spot as the third security leg that is vital to every-day computer security. Read More

New Hotel WiFi Vulnerability

Thought Leadership
Alok Kapur | Apr 9th, 2015

Earlier this year, the FTC declared a critical announcement for travelers: hotel WiFi is dangerous. Many people assume that because they are paying for it the network must be safe, but that is a dangerous assumption. Hotel WiFi networks are completely insecure; the bad news is that a new exposure in hotel WiFi has just been found. Read more to find out how you can keep yourself protected. Read More

E-filing: The Fastest and Safest Way to File Taxes?

Thought Leadership
Eva Velasquez | Mar 9th, 2015

E-filing your annual return to the IRS offers speed and convenience and when coupled with industry-approved software that can plug in the values for you, a lot of the headaches traditionally associated with doing your taxes are eliminated. However, there are some potential dangers that you should be aware of, such as insecure public WiFi networks and online tax fraud. Read More

FTC Says Hotel WiFi is Dangerous

Thought Leadership
Kent Lawson | Feb 23rd, 2015

Recently, the FTC posted an article on their website stating that hotel WiFi is dangerous and that users should not assume that just because they pay for Internet access that their connection is secure.

We couldn’t agree more. In fact, I have been stating this fact since we launched PRIVATE WiFi nearly five years ago.  This is an important topic because hotel traveler’s rank WiFi access at hotels as the number one amenity that they look for when booking hotel rooms. Read More


Thank you for subscribing to our newsletters

Your email has been added to our system. You will be e-mailed shortly with a request to confirm your membership. Please make sure to click the link in that message to confirm your subscription.