Cybersecurity threats proliferating for midsize and smaller businesses
Smaller organizations are targets for hacking and phishing attacks to get information that can harm them or bigger companies they do business with. This July 2017 Journal of Accountancy publication addresses these increasing threats.
Why would cyberthieves target a company other than the very largest - big enterprises with big payoffs? It's a question that many small and medium-size businesses (SMBs) ponder, arriving at the wrong answer.
Hackers have SMBs in their crosshairs as much - if not more so - than the world's biggest enterprises. Here's one reason: Small companies in the business-to-business space that serve large organizations often connect to the latter's networks and systems. In effect, the SMB is a potential conduit to the larger company's data assets.
Case in point: The massive data breach of Target in 2013 was widely reported to have begun with the hacking of the retailer's HVAC vendor.
Another reason SMBs have a bull's-eye on their backs is that just like larger businesses, they are repositories of sensitive customer and employee information like credit card numbers. These data can be stolen and sold on the darknet, the anonymous network used for illegal peer-to-peer file sharing. In its shadowy corners lurk the plunder of many data breaches, including the spoils taken from SMBs.