Skip to main content
SolarWinds MSP
  • Login
  • Support
  • Partnerships
    • Partnerships Overview
    • Solution Provider Program
    • Technology Alliance Program
    • Distributor Program
SolarWinds MSP
  • Products
    • Monitoring & Management
    • N-central Automate. Tackle complex networks. Get remote monitoring and management built for efficiency and scale.
    • RMM Start fast. Grow at your own pace. Try this powerful but easy remote monitoring and management solution.
    • Backup
    • Backup Get data protection for servers, workstations, applications, documents, and Microsoft 365 from one dashboard.
    • Security
    • EDR Defend against ransomware, zero-day attacks, and evolving threats with endpoint detection and response.
    • Mail Assure Leverage mail protection and archiving to keep your users safe from email threats and downtime.
    • Passportal Adopt and enforce best practices for password and documentation management with ease.
    • Tools & Services
    • MSP Manager Increase helpdesk efficiency with a robust PSA, ticketing, reporting, and billing management solution.
    • Take Control Help support customers and their devices with remote support tools designed to be fast and powerful.
    • View All
  • Solutions

    Solutions

    • Security Protect your customers and expand your business by offering layered security services without the complexity.
    • Monitoring Choose the right remote monitoring and management solution to meet you where you are and grow with you.
    • Operational Efficiency Boost profits by improving efficiency via automation, resources and training, and time-saving products.
    • IT Departments Keep your organization productive by easily managing IT from a single, easy-to-use, web-based dashboard.
    • Remote Monitoring Solutions Comparison Compare SolarWinds RMM and N-central side by side. Sign up to talk to a specialist to find the right fit.
    • View All
  • Resources
    • Download
    • Resource Library
    • Product Information
    • Free Tools
    • Learn
    • MSP Institute Webinar Series
    • Daily Live Demos
    • MSP Advice Project
    • Ask the N-central Experts
    • Upcoming Webcasts
    • Connect
    • Blog
    • Security Resource Center
    • Events
    • RMM Foundations Training
  • About
    • Company
    • About Us
    • Leadership
    • Careers
    • News & Press
    • Awards & Recognition
    • Support & Policies
    • Customer Success
    • Customer Support
    • Legal
    • Security
    • Get in Touch
    • Contact
    • Get a Quote
    • Worldwide Sales & Support
  • IT Departments
  • Contact Sales
    • Contact Sales
    • General Inquiry
    • Get a Quote
    • Worldwide Sales & Support
    • Talk to Specialist
    • Security Solutions
    • Monitoring Solutions
    • Operational Efficiency
  • Try Now
    • Monitoring & Management
    • N-central
    • RMM
    • Backup
    • Security
    • EDR
    • Mail Assure
    • Passportal
    • Tools & Services
    • MSP Manager
    • Take Control
  • Request a Quote
  • Try Now
    • SolarWinds RMM
    • SolarWinds N-central
    • SolarWinds Backup
    • MSP Manager
    • SolarWinds Mail Assure
    • SolarWinds Passportal
    • SolarWinds Risk Intelligence
    • SolarWinds Take Control
Request quote
Filter Blogs
  • Filter by:
  • MSP Business
    • Automation
    • Backup & Disaster Recovery
    • Security-series
    • Best Practices
    • Business
    • Business Growth
    • Business Risk
    • Cloud Computing
    • Customer Service
    • Cybersecurity
    • Cybersecurity Awareness Month
    • Data
    • GDPR
    • Internet of Things
    • IT Support
    • ITSM
    • LOGICcards
    • Machine Learning
    • Mail
    • Managed Services
    • Marketing
    • Mobile
    • Networking
    • Operations
    • Podcast
    • Product
    • PSA
    • Remote Management
    • Research & Trends
    • Risk Intelligence
    • Security
    • Security Vlog
    • Service Desk
    • Services & Support
    • The Head Nerds
    • Tips & Advice
    • Training
Home Blog MSP Business SMBs are at higher risk of Cyber Crime
MSP Business

SMBs are at higher risk of Cyber Crime

By Nick Cavalancia
19 November, 2014

If you work for a small business, you probably believe you’re not a target for cyber crime, largely because you have little of value to be stolen. You’re not alone. Almost half (44%) of small business management don’t see cyber crime as a priority either.

But with 42% of small businesses experiencing at least one attack in the past 12 months, that thinking needs to be turned around. Phishing, malware, zero-day attacks, application vulnerabilities, and good old-fashioned automated hacking all represent the modern-day threat to the SMB.

Why is the small business such a strong focus for cyber criminal activity?

Cyber-CriminalsSometimes you’re the target
Let’s start by evaluating the target options a cyber criminal has and see what the “criminal ROI” is on attacking each target:

  • Individuals
    Everyday people represent the least secure target for a cyber criminal. They may or may not have some form of Antivirus/malware in place, but they are susceptible to phishing attacks and the like to be fooled into giving up credentials to banks, paypal, etc. However, individuals also have the smallest access to cash and credit. A recent article stated the average savings account balance in the U.S. was a little under $4,000. While the specific amount isn’t important, it represents that there isn’t a lot a cyber criminal will be able to run off with.
  • Small Businesses
    Like individuals, small businesses are focused on operations and not security.  Access to the Internet, email, utilizing inexpensive cloud-based applications—all in the name of keeping the business running with as little expense as is possible.  And one of those areas you don’t spend on is security. The small business has more access to cash and credit than an individual, but it’s still a far cry from the amount one would expect an enterprise company to have.
  • Enterprises
    These businesses have seemingly endless access to cash and credit. They also have dedicated budget and headcount focused on securing their networks, systems, data, and users, making it very tough to make any attack headway.

So which target makes the most sense?

Think like a Small Cyber crime Business
Since you already run one small business, let’s pretend we’re going to start a new business—one that works to deceive customers into giving us money using scams and hacks to get the job done. Like any business, you want the greatest margin possible, which means the lowest investment and the highest return.

So which of the three targets requires the least investment of our time (read: the lowest security), and provides us with the greatest return (read: the most access to cash and credit)?

BINGO! It’s the small business!

You have the least amount of security, a largely wide-open Internet connection susceptible to automated attacks that hit thousands of IP addresses including yours (making you a target of convenience rather than one of espionage), many points of entry (your employees), and the most access to money in various forms, relative to your security.

But believe it or not, sometimes when a small business is hit, they’re not the target.

Sometimes you’re just an asset
In the world of spying, an asset is someone being used for information or access to an even more important target. And in the world of cyber crime, an enterprise, having a security budget larger than the entire operating budget of most small businesses, is too tough to gain access to. So why not access the Enterprise through a less secure partner? By doing so, you unknowingly become an asset.

The infamous Target breach of 2013 wasn’t accomplished by directly attacking Target’s infrastructure, databases, or security. It was initially accomplished by obtaining credentials from a Target vendor who handles their HVAC. In addition, other compromised computer systems through the U.S. were utilized as “drop” locations for the stolen credit card data where it could be accessed later.  See? Asset.

Either way, you’re a target
So we’ve answered the question of “why”, so the next question is “how” is it being accomplished and “what” to do about it.  Let me attempt to do both in one simple list:

  • Think like a Chief Security Officer
    Scrutinize every way employees expose themselves to external influences—email, websites, cloud applications, etc.—and look for the ways credentials and computers can be compromised. Phishing attacks and malware via email, as well as advanced attacks via website access are two major ways criminals get in.
  • Protect Yourself
    Implement the basics from the start: anti-malware, antivirus, and web filtering.
  • Partner Up
    Utilize a solid partner who has dealt with this before. Remember, they do this every day and have been exposed to MUCH more of this than you have.
  • Prepare Yourself
    Statistically speaking, it’s going to happen sometime. Maybe not today, but within the next two years, you may find yourself a statistic. Build at least a rudimentary plan around what actions should be taken to remedy the security breach itself, and then what to do to remedy any reputation or revenue losses.

–––––––––––––––––––––––––––––––––––––––––––––––

Want to know more about security? Then check out the videos serious by our security lead, Ian Trump…

You might also like...
MSP Business

Operation Cloud Hopper-A wake-up call for MSPs and IT service providers

MSP Business

Are companies spending their IT Security Budget on the wrong things?

MSP Business

MSP Password Management

MSP Business

Using managed antivirus solutions in your MSP

MSP Business

How to keep on top of the malware threat

MSP Business

Is it possible to never experience an IT security breach?

Want to stay up to date?

Get the latest MSP tips, tricks, and ideas sent to your inbox each week.

Loading form....

If the form does not load in a few seconds, it is probably because your browser is using Tracking Protection. This is either an Ad Blocker plug-in or your browser is in private mode. Please allow tracking on this page to request a subscription.

Note: Firefox users may see a shield icon to the left of the URL in the address bar. Click on this to disable tracking protection for this session/site

Recent Posts
  • Three things I learned working for an MSP
  • Earning word-of-mouth referrals for your IT business
  • Backup automation part 1: Deploying backup devices
  • Ultimate Guide: MySQL Backup
  • Most common automation requests and how to solve them: Ep 2
Categories:
  • Security (240)
  • Tips & Advice (130)
  • Best Practices (97)
  • Backup & Disaster Recovery (96)
  • Managed Services (89)
  • The Head Nerds (82)
  • Business Growth (79)
  • IT Support (43)
  • Business (41)
  • Automation (40)
  • Operations (38)
  • Cybersecurity (37)
  • Mail (33)
  • Remote Management (30)
  • ITSM (26)
  • Networking (22)
  • Data (21)
  • Cloud Computing (21)
  • Marketing (15)
  • PSA (13)
  • Product (11)
  • Service Desk (6)
  • Services & Support (5)
  • Mobile (4)
  • Risk Intelligence (4)
  • GDPR (3)
  • Internet of Things (3)
  • Customer Service (3)
  • Research & Trends (2)
  • Training (2)
  • Cybersecurity Awareness Month (1)
  • Business Risk (1)
  • LOGICcards (1)
Show moreless
SolarWinds MSP

Products
  • SolarWinds RMM
  • SolarWinds N-central
  • SolarWinds Backup
  • SolarWinds EDR
  • SolarWinds MSP Manager
  • SolarWinds Mail Assure
  • SolarWinds Risk Intelligence
  • SolarWinds Take Control
  • SolarWinds Passportal
  • All Products Use Cases
Solutions
  • Security Solutions
  • Monitoring Solutions
  • Efficiency Solutions
  • Identify which RMM solution is right for me
  • Drive Efficiency with Automation
  • Manage my MSP Business More Efficiently
  • Manage my IT Department More Efficiently
  • Layered Security
  • Cross-Platform Support
  • Data-Driven Insights
About
  • About Us
  • Careers
  • Newsroom
  • Leadership Team
  • Upcoming Events
  • Subscription Preferences
  • SolarWinds
  • SolarWinds Trust Center
  • COVID-19 Response
Support
  • SolarWinds RMM
  • Solarwinds N-central
  • SolarWinds Backup
  • SolarWinds Mail Assure
  • SolarWinds Take Control
  • SolarWinds MSP Manager
  • Solarwinds Risk Intelligence
  • Solarwinds Threat Monitor
  • SolarWinds Passportal
  • SolarWinds Take Control Downloads
  • Backup & Recovery Downloads
  • Service Status

Footer 2

  • Legal Documents
  • Privacy
  • California Privacy Rights
  • Security Information
  • Sitemap

© SolarWinds MSP Canada ULC and SolarWinds MSP UK Ltd.
All Rights Reserved.