FBI focuses on cybercrimes that target small business
The Federal Bureau of Investigation (FBI) is concerned with the amount of online and digital attacks targeting small and medium businesses in the United States, according to a recent report from CNBC.1
The report quotes FBI supervisory special agent Michael Sohn, from the bureau’s cyber division, as saying, “The large businesses continue to invest in their cybersecurity and enhance their cybersecurity posture. So, the cybercriminals are pivoting; they’re evolving and targeting the soft targets, which are the small and medium businesses.”
The report also notes that in 2021, the FBI’s Internet Crime Complaint Center (IC3) received 847,376 complaints about cyberattacks, with the vast majority of these victims being small businesses, according to the FBI. According to the report, potential losses from these attacks exceed $6.9 billion. That’s a whopping 64 percent increase over the previous year.
Sohn’s comments follow the release of results from a survey conducted by CNBC and SurveyMonkey looking at small businesses in Q4 of 2022.2 Interestingly enough, this found little change in the perception among small businesses of the threat of cyberattacks compared to previous quarters.
Only 37 percent of small business owners polled indicated that they are concerned that their business will be the victim of a cyberattack in 2023, about the same level of concern for businesses polled in 2022.
Image via SurveyMonkey
The majority of small business owners, 64 percent, suggested that they’re confident in their ability to quickly resolve a cyberattack on their business. This number was also consistent with the response from the previous quarter’s survey.
Only four percent of small business owners polled said cybersecurity is the biggest risk to their business right now. This was also unchanged from the previous quarter.
Regardless of how confident business owners are and how little concern they are expressing, the FBI’s concerns are not without merit. Cyberattacks, including ransomware, have the ability to damage a business’s reputation, while causing downtime and costing money even beyond the ransom itself. Revenue can suffer and customers can be lost. Beyond ransomware, other malware, viruses, spyware and phishing can cause similar problems.
Small businesses should take cybersecurity seriously. Attackers often target them because they don’t have the same resources as larger companies and may seem more vulnerable.
To protect your business and your customers, and to prevent cyberattacks, the Small Business Administration (SBA) recommends these tips:
- Train employees on how to spot phishing emails,
- Use good internet browsing practices,
- Avoid suspicious downloads,
- Enable authentication tools (including strong passwords and multi-factor authentication), and
- Protect sensitive vendor and customer information.
The SBA also advises small businesses to:
- Secure their networks,
- Use continuously updated antivirus software,
- Monitor and manage Cloud Service Provider (CSP) accounts, and
- Secure, protect and back up sensitive data.
Understanding that dedicated internet technology support is ideal, it can be expensive and not feasible for all small businesses. The SBA lists some helpful resources for these companies to use to help ensure they are as secure as possible.3
About This Author