Many small business owners don’t understand why an attacker might target their computers or networks – especially if there aren’t any credit card numbers or social security numbers to steal. Unfortunately, there are always other ways for hackers to make their money from unauthorized access, and even the smallest financial incentive can make your business a target.
If you’re trying to convince your boss to invest in network security, or if you’re weighing the pros and cons of investing in security on your own network, the best place to start is to understand the motives of potential attackers and to address those scenarios first.
Ransomware is a form of extortion in which malware encrypts a hard drive and displays a message requesting money in exchange for the decryption key, sometimes posing as a legitimate security firm to lend credibility to the operation. Unfortunately, for businesses without backups, this encryption is currently irreversible without the key. Even more unfortunately, hackers often demand even more money once the target proves willing to pay up.
- Mailing Lists
Trivial contact information doesn’t seem like it would be worth the effort of breaking into a small business network – and that would be true if it weren’t for the fact that most of these operations or completely automated these days. If data-scraping malware makes it into your system, those lead lists and email databases could hit the market within minutes.
- Bitcoin Mining
Bitcoin is an alternative digital currency that isn’t printed; rather, computers running hashing algorithms generate the coins which are then stored in a digital wallet. Infecting computers with “Bitcoin miners” allows the person controlling the wallet to maximize their profit without needed to purchase their own expensive mining software. Abusive mining programs significantly reduce computer performance and can even destroy hardware.
A botnet is a collection of compromised computers enlisted to carry out tasks without the owner’s knowledge, and Bitcoin is just a relatively benign way to use one. Other, more malicious purposes include spamming, distributing illegal media, and attacking other businesses, all of which can net the perpetrator serious profits.
What’s The Easiest Preventative?
Fortunately, the easiest way to prevent attacks is also the cheapest: making sure all software is up-to-date with the latest security patches for the operating system and third party applications. Unfortunately, many small businesses cannot utilize automatic updates because of the potential to interfere with employee productivity. If this is the case for your business, ask your IT team or consultant about investing in an inexpensive remote patch management solution like Batch Patch.
Remote patch management tools make it easy for a single system administrator to choose which updates to install and then deploy those updates at the most convenient time. The best part is that your sysadmin can deploy updates on a large number of computers at once, from anywhere. Check it out – Batch Patch really works.
Even the largest and best-funded organizations know that there is no such thing as “100% secure”, but knowing the motivation of potential attackers is the best way to identify and address the issues most relevant to your business without spending a lot of money.