Small Business Brief

Safety & Loss Prevention

The 10 Biggest Network Security Threats to Small Businesses

If you’re a small business, one of the biggest threats to the survival of your company is cyber attacks. Here are the 10 biggest and most common network security threats that your business should know about.

How sure are you that your computer network is secure?

Around 60% of small to medium-sized businesses close within 6 months of a network attack, so the potential for damage shouldn’t be ignored.

But with constantly-evolving security issues to contend with, it can be difficult to identify the most serious risks.

To help you out, here are 10 of the most serious network security threats you shouldn’t ignore.

1. Network Intrusion

One of the most troubling network security issues for small businesses to deal with is the threat of network intrusion. Poorly secured networks are prime targets for criminals, and once they gain access, they’re able to cause a lot of damage.

A hacker could compromise your data to sell on to others. This could be anything from customer payment details to product information.

If your business relies on commercially sensitive data, a network intrusion could put that at risk.

The best way to protect against this kind of attack is by taking sufficient precautions to prevent access. Make sure your business has an effective network firewall.

2. Denial of Service Attacks

Our computer systems aren’t infallible, and both internal and external networks can come under strain if there’s a heavy load of traffic. Hackers will exploit this fallacy by using a denial of service attack.

A denial of service attack will seek to overload a network, slowing systems down and forcing them to crash. This can cause disruptive downtime for businesses, especially those reliant on the internet, such as online retailers.

It can either come from one source or, if a hacker has more than one computer at its disposal, can come from more than one in a ‘Distributed Denial of Service’ or ‘DDOS’ attack.

Due to the factor increase in traffic (1 vs many computers), a DDOS attack is more damaging, but the risk of either shouldn’t be ignored.

3. Ransomware

Ransomware is a variation of other typical weapons in the hackers arsenal, but no less damaging. One famous example is the ‘Wannacry’ ransomware attack of 2017 which crippled government agencies and businesses, both small and large across the globe.

Once a system is infected, ransomware will encrypt the hard drive and alert the system user, demanding money in return for the decryption key. If you fail to pay up in a certain time frame, the key is deleted.

This risk to data helps explain why 60% of businesses collapse after a cyber attack because, without sufficient backups in place, the data can be irrevocably lost.

4. Phishing

Your company should be aware of the risks of phishing. Phishing attacks originate in emails designed to mislead and lure the recipient into performing an action that gives the hacker an advantage.

It might seem like an innocent email from a source you recognize that wants you to fill in your login details on a website, or to open up an attachment.

In doing so, you’d be giving away your details to a malicious source, or allowing ransomware or other attacks to run on an otherwise secure network.

If you’re unsure about whether an email is genuine, you should err on the side of caution. This phishing help guide from the US Federal Trade Commission should help you determine friend from foe in emails.

5. Out of Date Software

You should be sure you always keep your software up to date. That includes your operating system, your anti-virus software, and any other commercial software you use.

Wannacry, for instance, originated from an insecurity in the Windows operating system. The insecurity had already been ‘patched’ in Windows updates, but the organizations affected hadn’t kept their systems up to date.

Let Wannacry be a lesson learned, and keep your software up to date at all times. Take a look at some other security tips with our computer security guides on our Small Business Ideas forum.

6. Trojan Horses

Like the Greek weapon against Troy, the modern-day trojan horse is designed to trick a user into running software that can allow a malicious intruder to gain access and become a security risk.

And like the Greek’s wooden horse, the damaging software is usually packaged up in something less ‘scary’ to the user. Like a spyware cleaner, for instance.

When hackers added a trojan to downloads of CC Cleaner, a well known and respected data cleanup tool, over 2 million machines were infected.

Protect against these kinds of network threats with a good quality anti-virus, as well as locking down internal access to networks from the outside using a firewall.

7. Weak Passwords

Any user on your network with a weak password is a potential security risk. Easily guessed passwords can allow malicious hackers access to your system.

Have a password policy on your network that helps to limit this. Don’t allow passwords that are easily ‘brute forced’ by making sure capital letters, numbers, and special characters like the dollar sign are used.

Don’t allow any ‘dictionary word’ passwords, either. These kinds of passwords are easy for hackers to crack.

8. Botnets

We’ve already talked about the risk of denial of service attacks, especially the distributed kinds. Hackers use ‘botnets’ to create these kinds of attacks, which are simply machines which, under the hackers control, can be used to perform the attacks.

And if your network isn’t secure, your systems can be used as part of such a botnet.

Not only will your systems be compromised, but your internet connection can be affected, with traffic slowed as the hackers utilize your connections bandwidth.

9. Insecure BYOD Policies

As companies look to reduce costs, BYOD – or ‘bring your own device’ – policies are becoming more popular.

But if your network is insecure, inviting your employees to bring their own devices can allow all kinds of problems to be introduced. Ransomware, trojans and other attacks can spread from their devices.

With this kind of exposure, you should look at how you can introduce secure BYOD policies. Managed IT solutions that offer device management and security could help secure these devices for you while allowing the employee the choice to use it for both work and pleasure.

Read more now about the benefits that managed IT, like those offered by Be Structured, can offer.

10. Spyware

Malware – software used by hackers for malicious purposes – come in various forms. Some of those we’ve already mentioned, such as ransomware and trojans, but another you should look out for is ‘spyware’.

Network threats caused by spyware can allow a hacker to watch and record everything that takes place on a computer. Sensitive commercial data, login information, and bank details could all be recorded.

Install suitable anti-spyware software to help mitigate this risk.

Protect Against These Network Security Threats

Given the damage that can be caused to your business, protecting against network security threats isn’t something you should ignore.

With good network security, you can protect against some of these more common network threats. Keep your software up to date, run effective anti-virus, anti-spyware and anti-malware software, and be careful of allowing staff to bring in insecure devices without securing them first.

Liked our tips? Check out some of our other business advice articles.