Cyber attacks on SMBs 'cost UK economy £5.36 billion'

Small businesses need help to combat millions of attacks faced every year

UK SMBs suffer a cyber attack seven million times a year, with the average hack costing them 3,000, new research has shown.

The Federation of Small Businesses (FSB) found that SMBs are the victim of an average of four cyber attacks every 24 months, with 66 per cent of the 1,006 organisations surveyed having been a victim of cyber crime at some point.

Advertisement - Article continues below

Typically, attacks targeting SMBs take the form of phishing (49 per cent), spear phishing (37 per cent), malware attacks (29 per cent) and "card not present" credit and debit card fraud.

While the average 3,000 cost of cyber attacks over the course of 2014 - 2015 may look relatively small, the aggregate cost of all cyber attacks on SMBs was 5.36 billion over the same period, according to the research.

This, in turn, can have a significant impact on the UK economy, as 99 per cent of companies in the country are small businesses with fewer than 250 employees, but which generate half of the UK's GDP, according to government data.

A total 93 per cent of respondents had some kind of cyber crime defence in place - normally security software and regular backups, but also 'strong' password policies or crisis plans - small businesses naturally have fewer resources, both financial and human, than their larger counterparts.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

This can mean any IT professional employed in-house may be too spread too thinly to focus on security, that IT is outsourced to someone who is, once again, a generalist rather than a security specialist, or the "tech support" role may be incorporated into another job, rather than there being a dedicated team member.

Additionally, the lack of financial capital may mean businesses cannot afford to update their systems as frequently or invest in new technologies to help keep them secure, the FSB found.

Consequently, these businesses may not be implementing best practice, effectively through no fault of their own.

While this soft-spot can make SMBs an attractive target for hackers in their own right, they are also a potential portal to an even bigger pot of gold, with criminals or nation states attacking small businesses with the ultimate aim of gaining access to customers' systems further up the supply chain, particularly large enterprises and government entities.

Advertisement - Article continues below

Commenting on the study, Stephen Love, security practice lead for EMEA at IT vendor Insight, said: "The ... study highlights a key issue in the business landscape - the fight against cyber crime needs to be collaborative. When trying to protect itself against malicious attacks on its network, a small business finds itself in a David versus Goliath situation. But work with thousands of other small businesses, enterprises and the government, soon the small business becomes the goliath."

"However, no business should rely on the actions of others," Love added. "It's too easy to let others fight the fight without getting your hands dirty.

"Collaboration is definitely key in the fight against cyber-attacks. However, this means every business needs to be doing everything they can to put the most effective processes and solutions in place to protect themselves, and not wait for someone else to win the battle."

Advertisement
Advertisement

Recommended

Visit/security/cyber-security/355185/165-million-britons-experienced-a-cyber-crime-in-the-past-year
cyber security

Report: 16.5 million Britons fell victim to cyber crime in the past year

1 Apr 2020
Visit/cloud/amazon-web-services-aws/355183/aws-launches-amazon-detective
Amazon Web Services (AWS)

AWS launches Amazon Detective for investigating security incidents

1 Apr 2020
Visit/security/privacy/355182/government-to-launch-coronavirus-contact-tracking-app
privacy

UK government to launch coronavirus 'contact tracking' app

1 Apr 2020
Visit/software/video-conferencing/355180/zoom-does-not-use-end-to-end-encrypted
video conferencing

Zoom admits meetings don't use end-to-end encryption

1 Apr 2020

Most Popular

Visit/security/privacy/355211/google-releases-location-data-to-showcase-effectiveness-of-coronavirus
privacy

Google releases location data to show effectiveness of coronavirus lockdowns

3 Apr 2020
Visit/data-insights/data-management/355170/oracle-cloud-courses-are-free-during-coronavirus-lockdown
data management

Oracle cloud courses are free during coronavirus lockdown

31 Mar 2020
Visit/software/355113/companies-offering-free-software-to-fight-covid-19
Software

These are the companies offering free software during the coronavirus crisis

2 Apr 2020