Cyber-crime doesn’t target small businesses (SMBs) and it’s committed by teenage nerds as a joke. These are two biggest misconceptions about cyber-crime and it could have huge financial repercussions and a negative impact on a company’s future. This is according to Alto Africa CIO, Oliver Potgieter.
Small businesses continue to be a top target for hackers, with the number of organisations hit by cyber-crime rising each year. According to The Ponemon Institute’s 2017 State of Cybersecurity in Small & Medium-Sized Businesses report, 61 percent of businesses experienced a cyber-attack in 2017, signifying a 6 percent increase from the previous year’s 55 percent. Data breaches were up to 54 percent from 50 percent in 2016.
Small businesses can no longer afford to neglect cyber-security, the threat of cyber-attacks is simply too large, imminent and dangerous to ignore. The fact is, no matter how small the business, it remains a lucrative target for cyber criminals.
There seems to be a lackadaisical attitude in the SMB sector. The first thing every potential new customer asks about Cloudbox is how secure it is. Then once implemented, the first thing they ask is whether one could relax the default password policy.
This is the way it seems to be with data security and the small to mid-sized business, particularly in the South African market space. Security is top of mind, but bottom of pocket and policy. And don’t have the audacity to suggest that good security might actually cost something.
The vast majority of cyber-crime is not the targeted big business data breaches that make the headlines – it’s the millions unprotected little guys that are happy to pay a couple of hundred Rands in ransom to get their data back.
According to research, the average ransomware pay-out is around R5000 and globally 34% of victims will pay this. The idea that South Africa is at the bottom end of Africa and no one really bothers about us, is in some sense true. The infection rates and attack rates are way lower than the US and Europe, but we’re certainly not immune to ransomware infections.
Way back in 2016 already, ransomware was a billion dollar industry and the dark web has a whole economy built around this. In fact, as a software developer in the Ukraine, one could expect to earn about $25k/year. Whereas porting your skills to develop ransomware could earn you $100k – and that’s for actually selling your software, not collecting the ransoms it may bring in.
There are also some ingenious infection methods. Heard of ‘Popcorn Time’? This ransomware variant gives you two options for getting your files back – either pay the ransom (bitcoins obviously), or infect 2 other people and get your files unlocked for free.
Let’s face it, they really don’t have to be that ingenious anyway – statistics show that four percent of employees will click on pretty much anything from ‘Free Coffee’ to ‘Package Delivery’.
But four percent is nothing right? Well consider that a really good digital marketing campaign will only achieve a click rate of two percent, you can see why cyber-crime is good business.
And cyber-crime is not only good business, it is big business and it’s highly organised. They have some of the smartest minds working for them and they’re coming for you.
So, what to do? As Douglas Adams said – Don’t Panic. Get the basics right, ensure you have good systems and good IT management behind that. It’s no good having a great computer security suite if it’s not actually installed and active on all your computers.
Practice good password management and even if you are a small business, have sound policies that everyone adheres to. Talk to your staff about the risks of ransomware and try to build a culture of ‘thinking twice’. And have backups – always have backups.
However, if you have multiple layers of security on all your systems, cybersecurity should not be of concern. Backup your company files as often as possible and regularly update your systems. Do not ignore those update-notifications, they are released by service providers to improve processes and security.
Your chances of becoming a ransomware victim, or seeing your company website being hijacked by hackers is significantly decreased if you update your systems and have security software solutions capable of handling the cybersecurity needs of your company.
Cloudbox offers everything from multi-layered email security to data encryption, it ensures that all company data is fully secure and backed up, and easily recoverable in a disaster.
Cloudbox is an ‘All-in-One’ IT Solution in a box for SMEs, it gives small business owners the freedom to focus on their business instead of worrying about IT issues. The solution incorporates email, email backups, file sharing, computer backups, antivirus and communication into one simple package to take the complexity out of IT.
Alto Africa is a leading IT Managed Services provider that leverages the cloud to help customers become more agile, productive and secure.
Alto Africa is a team who understands that IT is essential to running your business so they created Cloudbox, a solution that is easy to understand and simple to use. It was designed for SME’s looking to simplify their IT and incorporates all essential IT services.