Cyber attacks on SMBs 'cost UK economy £5.36 billion'

Small businesses need help to combat millions of attacks faced every year

UK SMBs suffer a cyber attack seven million times a year, with the average hack costing them 3,000, new research has shown.

The Federation of Small Businesses (FSB) found that SMBs are the victim of an average of four cyber attacks every 24 months, with 66 per cent of the 1,006 organisations surveyed having been a victim of cyber crime at some point.

Typically, attacks targeting SMBs take the form of phishing (49 per cent), spear phishing (37 per cent), malware attacks (29 per cent) and "card not present" credit and debit card fraud.

While the average 3,000 cost of cyber attacks over the course of 2014 - 2015 may look relatively small, the aggregate cost of all cyber attacks on SMBs was 5.36 billion over the same period, according to the research.

Advertisement - Article continues below
Advertisement - Article continues below

This, in turn, can have a significant impact on the UK economy, as 99 per cent of companies in the country are small businesses with fewer than 250 employees, but which generate half of the UK's GDP, according to government data.

A total 93 per cent of respondents had some kind of cyber crime defence in place - normally security software and regular backups, but also 'strong' password policies or crisis plans - small businesses naturally have fewer resources, both financial and human, than their larger counterparts.

This can mean any IT professional employed in-house may be too spread too thinly to focus on security, that IT is outsourced to someone who is, once again, a generalist rather than a security specialist, or the "tech support" role may be incorporated into another job, rather than there being a dedicated team member.

Additionally, the lack of financial capital may mean businesses cannot afford to update their systems as frequently or invest in new technologies to help keep them secure, the FSB found.

Consequently, these businesses may not be implementing best practice, effectively through no fault of their own.

While this soft-spot can make SMBs an attractive target for hackers in their own right, they are also a potential portal to an even bigger pot of gold, with criminals or nation states attacking small businesses with the ultimate aim of gaining access to customers' systems further up the supply chain, particularly large enterprises and government entities.

Advertisement - Article continues below

Commenting on the study, Stephen Love, security practice lead for EMEA at IT vendor Insight, said: "The ... study highlights a key issue in the business landscape - the fight against cyber crime needs to be collaborative. When trying to protect itself against malicious attacks on its network, a small business finds itself in a David versus Goliath situation. But work with thousands of other small businesses, enterprises and the government, soon the small business becomes the goliath."

"However, no business should rely on the actions of others," Love added. "It's too easy to let others fight the fight without getting your hands dirty.

"Collaboration is definitely key in the fight against cyber-attacks. However, this means every business needs to be doing everything they can to put the most effective processes and solutions in place to protect themselves, and not wait for someone else to win the battle."

Featured Resources

2,000 days: the CIO's world in 2025

What the role of the CIO will look like in five years time

Download now

The workers' experience report

How technology can spark motivation, enhance productivity and strengthen security

Download now

6 best practices for escaping ransomware

A complete guide to tackling ransomware attacks

Download now

The IT roadmap from modernisation to innovation with consistent hybrid cloud

A guide to a modern, cloud-enabled IT infrastructure

Download now


internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

data governance

Brexit security talks under threat after UK accused of illegally copying Schengen data

10 Jan 2020
cyber security

If not passwords then what?

8 Jan 2020
Policy & legislation

GDPR and Brexit: How will one affect the other?

9 Jan 2020
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020