When it comes to cyber attacks, most small businesses think: “It could never happen to us.” But that old school way of thinking is what usually gets SMB’s in trouble. We’ve seen this story play out many times before. Some business owners think that they’re too small for cyber criminals to care about or notice. However, this couldn’t be further from the truth! Hackers continue mastering their tricks to steal private information from unprotected, unsuspecting businesses.
Does your SMB have a contingency plan for dealing with security threats? No matter the size of the attack, it can be very costly, time consuming, and a major inconvenience. The most common attacks include: computer virus, phishing, trojan horse, hacking, and data breaches. Experian reported that a whopping 60% of small businesses will close after experiencing a data breach.
While cyberattacks on big companies dominate the news, SMB’s are actually the biggest targets. According to Vox: “One in five small businesses fall victim to a cyberattack and of those, 60 percent go out of business in six months. And the data show that most small business owners don’t have a plan for response if they’re hit.
That’s a problem, because cyberattacks can range from the mildly annoying to the deeply destructive. Even the smallest can be costly and time consuming. From phishing scams to data breaches, the average attack costs a business $9,000, says the National Small Business Association.”
Need further convincing? In the beginning of 2020, a major cyber attack hit a little too close to home. Earlier this month, The Patch announced that a cyber attacker obtained information on over 400,000 people in NorthShore University HealthSystem and Northwestern Memorial HealthCare databases. Here’s what happened…
“Cybercriminals gained access to the personal information of more than 400,000 people involved with NorthShore University HealthSystem and Northwestern Memorial HealthCare in a ransomware attack earlier this year on a cloud software company, the health care systems disclosed earlier this month.
In a cyberattack that occurred at some point between Feb. 7 and May 20, hackers breached the systems of the Charleston, South Carolina-based software company Blackbaud. The firm provides database management software used for fundraising. In a ransomware attack, cybercriminals lock companies or governments out of their own servers and hold their data hostage in exchange for payment.
Before the company’s cybersecurity team was able to lock out the hacker and prevent them from fully encrypting the company’s files, the attacker was able to copy a backup of personally identifiable data, although it did not include credit card, bank account or social security numbers, according to Blackbaud officials.
“Because protecting our customers’ data is our top priority, we paid the cybercriminal’s demand with confirmation that the copy they removed had been destroyed. Based on the nature of the incident, our research, and third party (including law enforcement) investigation, we have no reason to believe that any data went beyond the cybercriminal, was or will be misused; or will be disseminated or otherwise made available publicly,” according to a statement from company representatives. “We apologize that this happened and will continue to do our very best to supply help and support as we and our customers jointly navigate this cybercrime incident.”
The company has about 35,000 nonprofit clients, and more than 2 million people from over 25,000 nonprofits have so far been affected nationwide, according to Becker’s Hospital Review.
On July 16, Blackbaud notified Northwestern Memorial HealthCare of the data breach, which involved nearly 56,000 donors.
According to a notification from the health care system, the database includes donor or patient information when donations were made, “including names, age, gender, dates of birth, medical record number, dates of service, departments of service, treating physicians, and/or limited clinical information.” The Social Security numbers, payment card information and other financial data of five people were also compromised.
On July 22, NorthShore officials learned of the data incident, according to a notification. While no credit card or bank account information, Social Security numbers, online logins or passwords were compromised, the protected health information of approximately 348,000 people were breached, including patients’ birthdays, dates of admission and discharge, identities and specialties of their doctors, home addresses and phone numbers.
“Based on the data involved, we believe there is low risk of harm to affected individuals,” NorthShore representatives said in a statement, noting no medical records were breached. “As such, there are no specific actions donors or patients need to take at this time. We are notifying all affected individuals and reminding everyone to regularly monitor personal accounts for any suspicious activity.”
Is your SMB protected from cybercriminals? As a business owner, do you find yourself handling all cyber security matters? An overwhelming majority of small business owners report handling cybersecurity matters themselves.
“Executives who believe their companies are too small to merit the attention of bad actors fail to see how the landscape has changed. Thanks to massive data breaches in recent years, credit card numbers and personally identifiable records are now literally a dime a dozen on the dark web. Smaller firms are less able to withstand this new breed of attack in which ransom demands can cost millions.
Datto reported that 85% of MSPs reported ransomware attacks against SMBs over the last two years, with 56% seeing attacks in the first six months of 2019. Malwarebytes found that 22% of companies that are attacked cease operations immediately. Smaller businesses are the most vulnerable to a catastrophic impact. Unfortunately, they’re also increasingly in cybercriminals’ crosshairs: 43% of cyberattacks last year targeted small businesses, according to Verizon.” IBM Systems
Are you worried about falling victim to an attack? No worries, that’s what the IT experts at Computers Nationwide are here for!
You don’t have to face cybercriminals alone. Protect your business, customers, and important information with industry leading Threat Intel programs from our partners at Perch Security…
Perch is an industry leader in co-managed threat detection and response. Backed by their in-house Security Operations Center (SOC), Perch and Computers Nationwide will work together to launch your cybersecurity program, or add depth to the visibility you already have.
With Perch’s SOC, there’s no need to increase analyst hours or staff. The Perch Security Operations Center investigates any alerts on your network, escalates real incidents to your attention, and helps you eliminate the threat. Customize what and how we escalate to fit your needs! Analyst hours are not required. Perch Security Operations Center (SOC), included with your service, means threat analysts are working for you as soon as your sensor is installed.
A few benefits you’ll enjoy: a peace of mind, 24/7 detection, and customized solutions!
The Perch SOC Works around the clock to:
- Triage every alert
- Escalate real threats when detected
- Support you through the response process