Home → Blog
Preparing for Cyber Warfare: The Impact and Legal Effects of Cyber Attacks on Small Businesses
On behalf of Margules Law Group, P.A. | 08/11/2021 | Firm News
The world has changed. Today, Cyber Attacks happen almost daily and most small businesses are not prepared or equipped for the coming infiltration.
Let’s begin with an example: You are the CEO of your startup which is on the verge of obtaining first-round financing. One day, you open up an email from one of your employees which states “are you busy? I need you to process a wire transfer for me today. Let me know when you are free so that I can send the beneficiary details”. Upon opening the email, and in the worst case scenario that you even respond to it, before you can even blink, your data has been locked up and encrypted with a code of which is usually comprised of over 2,000 characters and nearly impossible to crack. Your data has been held for ransom and nobody will have access to it unless a substantial fee is paid. In certain scenarios, if the ransom isn’t paid, the anonymous encryptor will sometimes even threaten to publicly release or even permanently erase confidential or other substantial documents to up the ante.
Ransomware attacks are currently amongst the most common threats to businesses with less than 100 members. The average ransom payout in 2018 was over $110,000.00. Victimized small businesses as previously mentioned are not usually protected or insured for cyberattacks, leaving them with the difficult choice of paying the large sum of money or risking losing valuable data.
Today, the small business owner today is just as likely to be exploited by a cyberattack as the larger company. Small businesses going into business online are prone to cyberattacks and most owners are not concerned with the possibility of small to medium sized businesses being targeted for these attacks. According to CNBC, nearly 50% of cyberattacks were targeting these small to medium sized businesses in 2019. It should be noted that 60% of small businesses that have been victimized have closed as soon as six months later.
Today's society is hardwired to the internet and most businesses need to follow this trend. With many transactions being done online it is essential for small businesses to take the steps necessary to protect themselves. This concern is also linked to the company's financial information. With online banking and contracting it is becoming easier and easier for small businesses to fall victim to cyberattacks and fraud. It is more common for a successful attack to come from an unsecured “smart product” examples are: Tablets, Smartphones and laptops.
Ransomware attacks are currently amongst the most common threats to businesses with less than 100 members. This form attack involves encryption on the company's data. This attack usually locks the company out and access is offered in exchange for some sort of payment. The average ransom payout in 2018 was over $110,000.00. Victimized small businesses as previously mentioned are not usually protected or insured for cyberattacks, leaving them with the difficult choice of paying the large sum of money or risking losing valuable data.
One of the best things a company can do is implement high value awareness training to its employees, higher security in password protection and reactive plans to combat these attacks. In the legal arena, not only are these attackers jeopardizing companies' confidential data and information systems, but also confidential personal data and information of executives and employees, causing lawsuits in liability and confidentiality. Additionally, these attacks are causing 1st and 3rd party insurance issues resulting from the costs associated with such events, as well as the costs of defending related claims. Be sure to obtain counsel who knows how to counsel you from this perspective, but also counsel your business from a holistic view point.