What can a small business learn from large-scale attacks?

You would have to be living under a rock if you have not heard about the most recent CDK attack on dealerships.

15,000 car dealers were left dead in the water, back to paper to attempt to serve their customers.

Whilst the BIG attacks always hit the news, of which there have been several over the last few months, the question becomes what do we learn from these attacks for our businesses?

Here are just some of the recent ones:

CDK. A cloud-based application that allows auto dealerships to complete transactions, front office, back office, service departments and more. That attack has impacted organizations throughout the US. It is thought at this time the Blacksuit ransomware gang is responsible.

Federal Reserve. 33TB of sensitive information was stolen by a Russian cyber gang, Lockbit.

Change Healthcare. This attack impacted over 70,000 pharmacies. Change processes over 15 billion healthcare transactions per year. Critically, they are involved with a third of all American patient records. They were attacked by the Alphv ransomware group.

The big ones make the news. This helps fund the narrative of “it will not be me because I am too small.” - “They will not target my business because we have nothing proprietary etc.”

Nothing could be further from the truth. Everyone is just a payday to cyber criminals, no matter the size of your organization.

Large-scale complex attacks are difficult and require expertise. Smaller organizations are more vulnerable and here is why:

• No IT department.
• They outsource to an IT provider and have no idea if they are doing a good or bad job.
• Lack of investment. Cybercriminals are out-investing you by a scale of 10-1.
• Security is not important to your business. It’s a secondary afterthought.
• Quite frequently, no cyber liability insurance is in place.

All these reasons present an open door to cyber attackers from around the world to attack your small business.

What can we learn? It is now time to start thinking of WHEN not IF. This will help guide your decision-making process around the appropriate protections.

Talk with your IT provider to find out what new protections can be put in place to combat cybercriminals. Below are just three steps you can take today that will help:

• Implement a documented test and backup recovery program, tested every six to twelve months.
• Explore and implement zero trust principles. An idea of least privilege.
• Find out where you are today security-wise so you know as a leader where gaps exist and close them.

The risks have never been so severe to your business that we should all be taking new protections seriously.

Securely yours,

Scott

If you need any further assistance or have more content to review, feel free to ask!