Cyber criminals are increasingly targeting small businesses, according to a new report from Chubb.
The report examines the emergence of new types of ransomware that are increasingly targeting businesses, including small and medium-sized enterprises (SMEs). Ransomware attacks use malicious software to block businesses’ access to their network until a ransom is paid.
“Cyber criminals typically don’t target specific small businesses, but they increasingly use tools that target their vulnerabilities,” said Patrick Thielen, senior vice president of Chubb Financial Lines. “Those vulnerabilities are at times technical, like unpatched software or poorly configured hardware. But even more common are those vulnerabilities involving employees who may use weak or compromised passwords, or may inadvertently click something they shouldn’t have.”
“Cyber criminals know that SME leaders may mistakenly think that cybersecurity services are beyond their means, which makes SMEs more vulnerable to an attack,” said Anthony Dolce, vice president and cyber lead for Chubb North America Financial Lines Claims. “However, we are living in an age where cyberattacks are constantly evolving and threatening businesses of all sizes, but especially small to mid-size businesses. Therefore, it remains critical for companies to understand this present age and develop strong risk-mitigation strategies to lessen the impact of cyber threats.”
According to the report, 21% of cyber incidents reported to Chubb last year by small businesses involved social attacks such as phishing, 20% were due to error, and 14% were due to hacking.