Towards the end of 2021, experts assumed we had hit a peak in cyber attacks with data showing numbers exponentially higher than years prior. Despite efforts to boost protection against cyber criminals, mid-year reports reveal it's likely that 2022 will reach even higher numbers. What is perhaps more cause for concern is the analysis of the latest hacks and the sophistication at which cybercriminals are executing their latest schemes. While it can unnerving to face the reality of current crime in our digital world, understanding the risks can help you and your business be more prepared.
Schemes to Target Small Businesses
It’s common practice to analyze cyber trends mid-way through the year, to build appropriate predictions for the remainder of the year, and gauge the vulnerability of the market. Experts in the cyber industry have been comparing 2022 so far to 2021 numbers, and all are finding a striking increase in attacks on small businesses. A recent report compared internet, password, and remote attacks specifically between January and April of both 2021 and 2022. The research revealed an almost 25% increase in password and internet attacks with numbers reaching 35,400,000 globally in the analyzed period of 2022 compared to 32,500,000 in 2021. Experts also noted a slight increase in RDP (Remote Desktop Protocol) which has hit 51 million as of April 2022. This is especially concerning as the number of remote workers has dramatically increased, and it seems- so has their cyber risk.
While the year has shown a frequency increase of close to 3M in the United States, most fear it’s only the beginning. The majority of attacks are being targeted at small businesses and the practices they have adopted since the pandemic. That means remote work, remote banking, digital apps, and hosted/shared data storage platforms. The longer these remote platforms are in the market, the more time cybercriminals have to learn how to invade and break through security barriers. Small businesses should allocate more resources to protect their business, and implement regular training to keep up with the newest hacking schemes.
Businesses May be Overestimating Their Protection Protocols
One of the most shocking statistics to recently come to light shows that cybercriminals have the ability to penetrate 93% of companies' networks. Positive Technologies, a global provider of information security solutions, ran penetration tests on financial institutions, oil and gas companies, IT companies, and industrial industries to understand the hacker's path and potential areas of entry. Their research found that on average, it only takes two days to access a company's internal network. Credential compromise is primarily responsible, and researchers noted that when an attacker gains administrator privileges it creates a sort of domino effect of access across networks, computers, and servers.
Even companies that have invested in cyber security protocols may not be as secure as they might think. The same experts who conducted this research recommend that businesses look to complicate their systems and create more segmentation between different teams and processes. This will ensure that even if one area of the business is hacked, that doesn't automatically give access to other networks of data. This can give the company more time to recognize a hack in its process before it spreads and causes further damage. Small businesses, regardless of the industry, should alter their administrator rights for different servers, and delegate different protocols for different risks.
Businesses Aren’t Financially Prepared for Sophisticated Cyber Attacks
Quite possibly the most shocking aspect of our cyber world is the lack of preparation by companies both big and small. A small business intelligence company, UpCity, surveyed 600 businesses to study their cyber security plans. What they found could be devastating in 2022. Only 50% of companies have a cyber plan in place, of that 50% only 30% have updated their plan to address new threats. Even after supply chain hacks affected 3 out of 5 US-based companies, businesses have not implemented enough plans to stop them from happening again.
In 2021 alone, cybercrime damages totaled $6.9 billion dollars, and less than half of companies feel prepared to handle an attack in 2022. For companies that have made the investment into a cyber security plan, update it to protect you against currency risks. For companies who have not, it should be your number one priority. Cyber hacks are more of a risk to your company than any other threat you could face. Cyber protection industries are constantly updating their technology to keep up with the demand for new and sophisticated schemes, but the reality is that as we improve, so do cybercriminals. Implement the best security measures possible, but always have a backup plan.
Secure Your Cyber Coverage with ECBM
Lessen the mental stress of cyber threats with a strong cyber insurance program. The security measures you follow in your day-to-day business procedures are crucial to avoid getting hit by an attack. But, in the event you face a loss regardless-your cyber insurance will be there to support your business and help handle the financial damages. For more information on our cyber recommendations and program options, speak to one of our consultants today. We’re here to discuss your current plan, or get you on a new one.