Top Cyber Security Threats Facing Small Businesses

Cyber Security Threats

Adapt Your Cyber Security Defenses

Cyber security has become a critical part of the modern business environment. It is a common discussion topic in planning meetings and boardrooms throughout the globe.  As cyber security threats evolve, businesses must also adapt their defenses to protect against these threats.

To defend against these threats and ensure your business continues to function, proper IT planning and a solid security plan must be part of a modern business plan. Identifying cyber threats before they are realized is not always an easy thing to do. However, if you develop a proper response and defense tactics for your business, you can counteract them quickly and effectively.

Small businesses should be aware of the following list of the top five cyber security threats.


Ransomware attacks rose dramatically in 2016 and continue to be prominent even today. The attacks on larger organizations are typically the ones that make the news headlines. However small and medium businesses make up the largest percentage of attack victims.

A ransomware attack loads malicious software on your computers that encrypts your files and documents. This renders your computer unusable until a ransom is paid for the decryption key or they can be restored from backup. This is very disruptive to a business and can be very time intensive and expensive to cleanup if proper planning and defenses are not in place prior to the attack.

Cloud Attacks and Malware

We will continue to see an increase in attacks on cloud providers because of the use of popular cloud computing services and software. These attacks will likely come in the form of:

  • DDoS (distributed denial of service) attacks
  • Security breaches, and
  • Man-in-the-middle attacks.  Man-in-the-middle attacks are particularly concerning as they are hard to detect and can continue for long periods of time.

Usage of cloud synchronization products, such as Dropbox and Google Drive, has become very popular for both personal and business data. These convenient services can put a lot of data at risk.
The man-in-the-middle attack uses malware installed on a victim’s computer to intercept traffic while it is in transit to the cloud storage server.

Since neither the computer nor the servers are aware of this intercept and since the data is still synchronized to the cloud storage, everything appears fine. This attack allows the hacker to get a copy of all the files stored using these cloud storage services.

Internet of Things (IoT)

internet of things - cyber security
More and more devices in your home and business have internet connectivity capabilities for remote access and management. Thermostats, door locks, lighting, and security cameras are just a few examples of these connected devices that are targets for hackers. The greater threat, beyond the hacker’s ability to manipulate these devices and intrude on your privacy, is the connection they can provide to the rest of your computer network.

IoT devices are commonly connected to the wireless network that is shared with your business or home computers. If a connected device is compromised by a security flaw, it can provide a hacker full access to your computer network as though they were directly connected. Isolation of these devices is critical to ensure they cannot provide a pathway into your network in the event they become compromised.

DDoS Attacks

Distributed Denial of Service attacks have recently become more prominent. Hackers conduct these attacks by producing many simultaneous connections to an internet connected device. This causes the attacked device to be unable to respond to legitimate requests. These attacks are common on web servers and servers that host cloud services.

A prominent example of this was an attack on Dyn. This company provides domain services to many large websites such as Twitter, Etsy, and CNBC.  This attack effectively disabled legitimate traffic from reaching all Dyn serviced sites for several hours until the attack could be mitigated.

Hackers need access to hundreds to thousands of devices to orchestrate a DDoS attack.  We may see compromised IoT devices used in one of these attacks in the future.  Hackers may be able to activate thousands of these compromised devices simultaneously to attack one of their targets.

Social Media Hacks

We are deep in the social media age where posting and commenting on a platform such as Facebook and Twitter has become part of our daily routine. These popular services makes them a prime target for hackers.  The amount of information stored on these platforms is staggering. The ability to steal someone’s online identity can be very powerful.

Evidence of this type of threat is in the news quite often. There have been countless celebrities and high profile individuals that have been the victim of social media identity theft. Often times, hackers are able to gain access to the users social media associated email account and change their account passwords, giving them full control of the social account. While a lot of these hacks are fairly benign and can be laughed off, they can have serious social and business impacting effects.

The threat becomes more serious as more and more critical information is disseminated through social medial platforms.  A great example of the danger is President Trump’s use of Twitter in his presidency. President Trump has proven to rely heavily on Twitter to get certain information to the American people.  It is rumored that his Twitter account was still associated with a public email account after he took office.  If this email account was compromised, someone could easily pose at the President of the United States and have the potential to do a lot of damage. While most would take outlandish information to be the result of unauthorized control of the account, many may also take the information as fact and react to it in a detrimental way.

Be Prepared

Even though cyber security threats continue to evolve and show no signs of slowing down, you still have the ability to protect your business. Implementing a proper security and recovery plan is paramount, even for the smallest business. Systems must be properly patched and updated regularly. Proper equipment should be implemented to defend against these threats.  Ensure a backup and disaster recovery solution is in place from your IT managed services provider and working properly.

Preventative measure can help defend against cyber security threats.

With proper planning, your business can be well defended against these threats and their potentially disastrous outcomes. To be sure your business is protected, consult your IT provider and ask what plans they have implemented to defend your business network from potential attack.

Quick Look Business Assessment

Get a quick snapshot of how your business is doing. Sign up for our email list to download your free Quick Look Assessment.

* required

Email marketing via MailChimp