We’ve heard a common theme from many small business owners: “Hackers aren’t after me – they only go after the big guys.” That couldn’t be further from the truth. Your small business is as much of a target as the big guys, and we would argue even more so than the big guys.
Why are small business targeted so heavily? What you need to understand is that hackers aren’t specifically targeting your business, they are targeting computers (no matter who they belong to). These hackers have built programs that do all the work for them. These programs scour public IP addresses and Web sites, looking for vulnerabilities they can quickly exploit to allow them to take control of a computer. While they’re not out to get you personally, you’re strictly an automated target.
Full control of your computer is what they are after. While their programs may be built to take data off your computer, having full control over your system is far more valuable. Why? Because once your computer has been taken over, it can be used for all sorts of nefarious deeds without the activities being traced back to the person responsible.
This older (but still very relevant article) from Krebs on Security has a very telling graphic that shows all the uses a compromised computer can be used for. That computer is now part of a remote-controlled network of computers ready and willing to do as asked for miscreants. Once one computer on the network is down, taking down other computers on the network becomes much easier.
So why are small businesses frequently a target of these types of automated attacks? Hackers are looking for easy targets, and they know that small businesses generally don’t have the larger IT and security budgets that larger corporations have. That means that, generally speaking, there are more things that can be exploited as proper protections aren’t in-place: firewalls with default passwords set, servers that haven’t been patched but are exposed to the internet, out-of-date virus definitions (or no anti-virus at all).
What can you do to help protect your business? Contact us to learn more about our CompleteCare managed IT services which includes managed patching services, managed firewall services, monitored anti-virus and backup and disaster recovery solutions to help protect your business from being a target.