Cyber threats impacting small businesses
Peter Makohon, senior vice president of cyber threat management at Wells Fargo, explains the particular cyber threats facing small businesses.
Wells Fargo Works: What about smaller businesses makes them vulnerable to cyber threats?
Makohon: Small businesses might not have the necessary support and expertise needed to properly secure their organization’s use and dependency on internet-based services. Additionally, they aren’t always focused on operational security, and as a result, they might not fully understand their systems. This leaves them open for an attacker to find vulnerabilities.
Planning for cybersecurity:
Learn the steps to protecting your business.
Protect your business data
By providing your email address and business name, you’ll get a Wells Fargo Works for Small Business® guide on the IT security your business needs.*See Footnote heading
Wells Fargo Works: What cyber threats are most applicable to small businesses?
Makohon: Many small businesses are seeing increases in ransomware attacks that threaten to encrypt and/or erase data unless a ransom is paid. In some cases, an employee that accesses a personal email account while at work or brings in a portable USB storage device can unintentionally open a file that has been infected with ransomware, banking trojans, or malicious software known as “backdoors” that can allow the attacker to remotely control the victim’s computer. Small businesses are also being targeted with wire transfer fraud that uses social engineering to trick an employee into wiring a large amount of money to an account that is under the adversary’s control.
Wells Fargo Works: What areas of a small business might these threats target?
Makohon: Threats such as ransomware typically target the contents of hard drives that are used by application servers, desktop computers, and laptop computers. In some cases recent backups are not available and the business is essentially “locked out” from being able to conduct certain electronic business. Wire transfer fraud often targets finance personnel such as controllers or accounts payable.
Wells Fargo Works: How can small business owners stay on top of the latest in cyber threats and cybersecurity?
Makohon: Businesses should ensure that IT systems are being patched and upgraded with the latest security fixes by subscribing to vulnerability and threat intelligence reports. There are a number of free and commercial sources of this information that can be set up to provide alerting based on the type of technology that the business is operating.