Despite survey results showing concern among businesses unchanged, recent reports from the FBI confirm a huge increase in cyberattacks on small and medium-sized businesses.
CNBC Report: FBI Worried About Cyber Crimes Targeting Small Businesses
The Federal Bureau of Investigation (FBI) is concerned with the amount of cyberattacks targeting small and medium-sized businesses in the United States, according to a recent report from CNBC.
The report quotes FBI Supervisory Special Agent Michael Sohn, from the BureauFs cyber division, as saying, "The large businesses continue to invest in their cybersecurity and enhance their cybersecurity posture. So, what the cybercriminals are doing is they’re pivoting, they’re evolving and targeting the soft targets, which are the small and medium businesses.”
The report also notes that in 2021, the FBI’s Internet Crime Complaint Center (IC3) received 847,376 complaints about cyberattacks, with the vast majority of these victims being small businesses, according to the FBI. According to the report, potential losses from these attacks exceed $6.9 billion. That’s a whopping 64 percent increase over the previous year.
Sohn’s comments follow the release of results from a survey conducted by CNBC and SurveyMonkey looking at small businesses in Q4 of 2022. Interestingly enough, this found little change in the perception among small businesses of the threat of cyberattacks compared to previous quarters.
Only 37 percent of small business owners polled indicated that they are concerned that their business will be the victim of a cyberattack in 2023. This is close to the numbers when business owners were polled throughout 2022.
Image via SurveyMonkey
The majority of small business owners (64 percent) suggested that they are confident in their ability to quickly resolve a cyberattack on their business. This number was also consistent with the response from the previous quarter’s survey.
Only four percent of small business owners polled said cybersecurity is the biggest risk to their business right now. This was also unchanged from the previous quarter.
Regardless of how confident business owners are and how little concern they are expressing, the FBI’s concerns are certainly not without merit. Cyberattacks, including ransomware, have the ability to damage a business’s reputation, while causing downtime and costing money, even beyond the ransom itself. Revenue can suffer, and customers can be lost. Beyond ransomware, other malware, viruses, spyware, and phishing can cause similar problems.
Small businesses should take cybersecurity seriously. Attackers often target them because they know they don’t have the same resources as larger companies, and are, therefore, generally more vulnerable.
To protect your business and prevent cyberattacks, the Small Business Administration (SBA) recommends training employees on how to spot phishing emails, using good internet browsing practices, avoiding suspicious downloads, enabling authentication tools (including strong passwords and multi-factor authentication), and protecting sensitive vendor and customer information.
The SBA also advises small businesses to secure their networks, use continuously updated antivirus software, monitor and manage Cloud Service Provider (CSP) accounts, and secure, protect, and back up sensitive data. The SBA recognizes that, while dedicated IT support is ideal, it can be expensive and not feasible for all small businesses. It lists some helpful resources for these companies to use to help ensure they are as secure as possible.