FBI says $7 billion lost in criminal cyberattacks, and most victims were small businesses

What small business owners can do to protect themselves from hackers

Small and medium-sized businesses face a big threat from cyberattacks and hackers, according to a special agent in the FBI’s cyber division.

“The large businesses continue to invest in their cybersecurity and enhance their cybersecurity posture,” FBI Supervisory Special Agent Michael Sohn said at CNBC’s Small Business Playbook virtual event on Wednesday. “So what the cybercriminals are doing is they’re pivoting, they’re evolving and targeting the soft targets, which are the small and medium businesses.”

In 2021, the FBI’s Internet Crime Complaint Center (IC3) received 847,376 complaints from the American public regarding cyberattacks and malicious cyber activity, a 7% year-over-year increase. In total, potential losses from those attacks exceed $6.9 billion, a 64% increase compared to the previous year.

“Unfortunately, the majority of those victims were small businesses,” Sohn told CNBC’s Frank Holland.

But even as small businesses are increasingly being targeted by hackers and cyber criminals, CNBC and SurveyMonkey data has shown that most small business owners are not concerned.

Sixty-one percent of small business owners polled in the most recent quarterly survey said they were not concerned that their business will be the victim of a cyber attack in the next 12 months, up from 58% last year.

Only 4% of small business owners said that cybersecurity was the biggest risk facing their business, while 64% said they were confident that they could quickly resolve a cyber attack, according to the CNBC|SurveyMonkey Small Business Survey for Q4 2022.

Sohn said his key message for small and medium-sized business owners was to stay vigilant.

“A lot of the cyberattacks that we have witnessed from our investigations, almost all of them could have been prevented by doing very basic cyber hygiene,” he said.

Here are some of the pointers from Sohn for small and medium-sized business owners to make sure their basic cybersecurity practices are up to date.

Start with the obvious cybersecurity steps

cyano66 | iStock | Getty Images

Rely on reputable services

Going beyond a password manager, Sohn said small business owners must ensure they’re relying on a good technology-based backbone.

“The best thing to do is to use reputable services, reputable laptops, hardware, email, and other services that have been tested and that have been in the industry for a while,” he said.

He also noted that small business owners should make sure that they are updating their devices and other technology with the latest patches to ensure that their systems are as protected as possible.

“These updates to your systems are actually patching holes and vulnerabilities in your corporate networks, or your business desktops, laptops, or tablets,” Sohn said. “This is one of the critical steps that we ask our users to do, and then using a reputable anti-virus and a firewall system on your network.”

Back up critical systems and data

As ransomware attacks grow and evolve – in 2021, the IC3 received 3,729 complaints identified as ransomware with adjusted losses of more than $49.2 million – Sohn said it’s important to make sure that your data is encrypted and backed up offline “so you could access it even if the criminals steal it and take it away.”

“We see this time and time again where a lot of businesses do not back up their critical system, your crown jewels, and that kind of leads to the businesses being forced to pay the ransom to the cybercriminals,” he said.  

The FBI does not encourage paying a ransom to criminal actors, according to the IC3’s 2021 report, nor does it guarantee that the files or data will be recovered.

Don’t trust email requests for money

If you receive an email from a colleague, client, or vendor about deals or asking for money where something doesn’t feel right or you are suspicious, Sohn said that should be a reason for concern.

“That is something we see time and time again, where the cybercriminals are reading your emails,” he said. “Something is not quite right, but because of the sense of urgency on the email they [the business owners] do it, not knowing that the wire was money to somewhere else or to a fraudulent bank account.”

If there is anything that feels off, Sohn said that small business owners should always follow up with an in-person meeting, call, or video call “to make sure that the money is going where it’s supposed to be.”

For all the latest Technology News Click Here 

Read original article here

Denial of responsibility! TechAI is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.