Are you taking the proper steps to prevent your business from being hit by hackers?
Hackers, and hacking culture, are in vogue.
Just turn on your TV. You’ll find the black-hat-turned-white-hat technical analyst Penelope Garcia on Criminal Minds. There’s the quick-witted Chloe O’Brian on 24. The awkward wunderkind Elliot Alderson in the critically acclaimed and hyper-addicting show Mr. Robot. In each of these shows, the hacker characters come off as sympathetic and heroic. They come off as cool.
But if you’re a business owner, there’s nothing cool about hacking. Especially if you’ve become a victim of a cybercrime.
It won’t happen to me…right?
In today’s culture we tend to think about hacking on a macro level. We think about Wiki Leaks, the Target credit hack, the Sony hack, and recently the news that 500 million Yahoo accounts were compromised in what Yahoo alleges was a state-sponsored attack.
While these massive attacks ensnare the headlines and capture the cultural zeitgeist, small businesses are being targeted daily. Just ask Lifestyle Forms & Displays, a mannequin manufacturer in New York City who fell victim to cybercrime. Hackers gained access to their online transactions and stole $1.2M.
They got that money back, right?
Not so fast.
In the case of LF&D, they initially were able to recover $800,000. Working with the FBI and NYCPD, they were later able to get another $200,000 back. The remaining sum of $200,000? Never to be seen again.
Can your business afford to take a $200,000 hit? I didn’t think so.
Taking on an “It won’t happen to us” approach
Small businesses don’t offer hackers the publicity and the massive paydays that large corporations or government entities do, but they do provide an easier target. Why is this? Small business typically equals smaller defenses. This is due to two primary reasons:
- Lack of resources. With less financial flexibility SMB owners aren’t afforded the ability to allot enough money into security.
- Attitude. How does attitude make you a target? Many SMB owners think that they’re too small to be targeted. Taking on a “It won’t happen to us approach.” When, in reality, 52% of hacks are committed against small businesses. So it absolutely can.
So what can I do?
There isn’t a ton an SMB can do concerning their resources disadvantage. Hacking is a real threat, but I’m not going to advise you to take out a high-interest loan in order to install a steel-door security system. But you can educate yourself and, most importantly, your employees.
About Your Employees
Data Defenders, a Chicago-based Security company, says that their research shows that 80% of security-related incidents are a consequence of employee behavior.
How does that happen?
Hackers will prey on your employees. They will call your offices and pose as support or vendors in order to acquire user names and passwords. Or they will target your email, lobbing a phishing scam at your employees hoping one will be foolish enough to bite. Training your employees on identifying phishing scams may seem elementary and a waste of your time, but is a necessary step to bolster your cyber security.
Another strategy that may seem simple is your passwords. Countless companies have been breached because of a lack of complex passwords. You may think that your dog’s name and the year of your birth is a strong password, but it’s not. Hackers will pull as much information about you from your online fingerprints, social media, business profiles, etc, and input it into their password algorithms. Once they see your Facebook picture with Sparky and that you were born in 1977, you’re sunk.
The best strategy to employ with your passwords is a balance of agility and complexity. It’s annoying, but change your password every month. Try out complex passwords such as sentences or multi-character combinations. If you insist on having your pet in your password for posterity, try: $wegotSparkyindecemberof2014$.
And, for goodness sake, don’t write down your passwords on a sticky note that is prominently displayed in your office – or on a piece of paper hidden in your top desk drawer, or on something you keep in your wallet.
It’s ok to romanticize charming hackers on TV. Maybe a small part of you enjoys seeing hacktivists take down a major conglomerate. The little guys sticking it to the big guys. A cyber rendition of David vs. Goliath. But make sure you’re taking the necessary steps to protect your cyber security.
Even if you have the budget and tech of a first-world government, you’re never entirely protected from hackers. But through education and diligence you can greatly improve your chances of thwarting off attacks.