
5 Reasons Hackers Target SMEs
While the massive influx of remote working has alerted many businesses to their cyber risk, it is also creating more opportunities for cybercriminals looking to exploit it.
Cyber claims rates are on the rise and the majority of victims are small and medium-sized businesses being hit with cybercrimes like funds transfer fraud and ransomware attacks, much of which is made more possible by remote working. But what makes these organizations attractive to cybercriminals? Here are five reasons:
- Small businesses are low-hanging fruit
While the headlines focus on major security breaches at major companies, small and medium sized businesses are actually the more common victims of cyber attacks. In fact, 43% of cyberattacks are aimed at small businesses according to Verizon. Even though the rewards may be less, cybercriminals see smaller organizations as low-hanging fruit because – due to lack of education and resources – they usually invest less in IT security and don’t often train their staff on cybersecurity risks.
- Small businesses are more vulnerable to social engineering
Social engineering is an act of manipulating people into doing things like share confidential information or wire money. Small businesses tend to be more exposed to this risk for a number of reasons: they have less basic security in place, like two-factor authentication; they don’t often know the risk or train employees; they usually work with a variety of third-party partners to run their business which is the root cause of 41% of data breaches; and they almost always makes and receive payments using wire transfers.
- Small businesses often feel they must pay ransoms
Faced with choosing between paying a ransomware demand that may get them back online faster or enduring a long period of potentially business-crippling downtime, small businesses often feel that they have no choice but to pay these demands in the event of an attack. Without anyone to turn to for help, this is particularly true of those without access to the cyber incident specialists that cyber insurance can provide.
- Small businesses are the ‘gateway’ to larger organizations
Many SMEs are connected electronically to the IT systems of a range of larger, partner organizations. So when cybercriminals are looking to infiltrate these larger and more cyber secure organizations, they are increasingly targeting their humble downstream suppliers to see if these small businesses offer a less-secure way in. What’s more, many of these IT relationships are visible through publicly available data.
- Small businesses are sometimes not targeted at all, but simply collateral damage
From the WannaCry attack of 2017 to the Blackbaud attack more recently (where over 125 organizations in the UK have already reported that they’ve had a potential data breach), SMEs are often collateral damage in large-scale cyber attacks that have nothing to do with them. Small businesses might think they are safe because they outsource their IT and their data is stored in the cloud, but if a cyber attack is launched against one of these technology providers, it’s the businesses that rely on it that are often left footing the bill, whether paying for the business interruption costs involved, privacy notifications to customers, or reputational harm.
Contact an Acrisure Agency Partner today to learn more.
Important Information:
For additional information, please visit our website at Acrisure.com. Products or services identified herein may not be available in all jurisdictions. The information and descriptions contained herein (a) are not necessarily intended to be complete descriptions of all applicable terms, conditions, and exclusions of the policies referenced, (b) are provided solely for general informational purposes, and (c) should not be viewed as a substitute for legal, regulatory, or other advice on any particular issue or for any particular reason. The advice of a professional should always be obtained before purchasing any insurance product or service, and you should not rely on the information provided herein for the prevention or mitigation of risks or as a full and complete explanation of coverage under any insurance policy. While the information contained herein has been compiled from sources believed to be reliable, no warranty, guarantee, or representation, either expressed or implied, is made as to the correctness or sufficiency of any representation contained herein.
© Acrisure, LLC. All rights reserved.
Related Content
May 10, 2022
SEC Says You May Need to Disclose Climate Risk. Are You Covered? | Acrisure Viewpoints
As the SEC considers a proposal to make companies disclose areas of climate impact, Acrisure advisors help companies prepare to meet risks.
May 4, 2022
Acrisure Achieves Top Industry Honors
Acrisure makes list of Insurance Business America's "Fast Brokerages 2022" in addition to winning two Stevie® Awards.
May 3, 2022
Limitless Possibilities Podcast, Episode 3: “Culture Eats Strategy for Breakfast” with Grahame Millwater
Episode 3 of Acrisure's podcast called Limitless Possibilities is live with special guest Grahame Millwater.
April 28, 2022
Acrisure Unveils Cyber Risk Assessment Backed by Coalition
Acrisure announced Cyber Risk Assessment in a partnership with Coalition, a leading global provider of cyber insurance and security.
April 22, 2022
How We’re Investing in a Greener Future
Acrisure partners with Friends of Grand Rapids Parks 2022 Mayor's Greening Initiative and Arts Marketplace to invest in a greener future.
April 20, 2022
Job seekers want top benefits. How do yours measure up? | Acrisure Viewpoints
Acrisure shares items that impact the cost of your auto insurance in addition to options to help you save.
April 20, 2022
Acrisure Re In The News: Insurance Insider Interview with Simon Hedley
Simon Hedley, CEO of Acrisure Re, speaks with Insurance Insider about the growth of Acrisure Re and London Wholesale.
April 14, 2022
Want to pay less for auto insurance? Here’s what the experts say | Acrisure Viewpoints
Acrisure shares items that impact the cost of your auto insurance in addition to options to help you save.
April 11, 2022
Acrisure’s Greg Williams is Keynote Speaker for CFC Summit 2022
Greg Williams has been selected as a keynote speaker for the CFC Summit 2022 event in Chicago in May to discuss innovation and technology.
April 5, 2022
Time for a Career Change? Here’s What To Look For | Acrisure Viewpoints
Today's labor market can be overwhelming, but Acrisure employees and Partners offer things to consider when looking for a new role.