“We’ve been hacked.” There is a must read article for all small businesses. It’s about electronic hackers and a small business in Chicago that was successfully hacked. The authors are Geoffrey A. Fowler and Ben Worthen. The title of the article is: Hackers Shift Attacks to Small Firms. The article appeared in the Wall Street Journal on July 21, 2011.
The authors quote Dean Kinsman, a special agent in the Federal Bureau of Investigation’s Cyber Division. Kinsman says that hacking at small businesses “is a prolific problem,” and that “It’s going to get much worse before it gets better.”
Imagine this: It’s just another day at your small business. You take a credit card from a customer standing in front of you. You run the card just like you always do and begin a standard transaction. The credit card is sent from the reader over the Internet to the processor. But unbeknownst to you, or your customer, before the transaction arrives at the processor for approval, a software program intercepts your customer’s data (known as a data breach) and a copy of the entire transaction is sent to a server in Russia and to a Yahoo! Email address. But in normal split second timing, the transaction is approved, just like always. You say, “Thank you!” to your customer and both of you go about your day.
Your small business has just been hacked. Your customer’s data has just been hijacked. A cybercrime has just been committed. But you don’t know anything about it. How would you? It was a normal transaction. And you might not find out about it for a year. And your small business may be liable for damages.
Hacking is not new. We hear the term all the time. So like the rest of the news, we’ve become numb to it. But for small businesses this is different. This well-researched article is scary. I sent it to some business associates of mine to warn them. Two of them contacted me almost immediately to schedule an appointment with our company because of this article. They’re scared that their business computers could be hacked. They have good reason to be scared. All of us who are employed by a small business should be scared. Why?
Hackers have turned their attention to the low hanging fruit in the cyber world. Fruit that is best described as weak security. Most small business don’t have dedicated IT Professionals on staff because they can’t afford it. So . . . in some small businesses their security is weak and the criminals know that. Sadly, more and more crimes like this are occurring, according to a couple of very reputable sources.
Consider this: Verizon Communications Inc. forensic analysis unit, and the U.S. Secret Service investigate data breaches against small businesses. They report that in 2009 there were 141 cases reported by companies with fewer than 100 employees. In 2010, that number had jumped to 761.
The article tells a very sad story about Joe Angelastri. He owns a couple of newsstands in the Chicago area. He says in the article, “We thought there would be very little chance that somebody would come into a business of our size to pull off something like this.” Does that sound like you?
It sounds just like me! I have those same thoughts that MR. Angelastri had. But after reading the article I’ve had my eyes opened. My world view is changing. This world is not a safe place. Duh! You say. The point is this: you can be robbed and not even know it. Mr. Angelastri didn’t even know he was being hacked for one year. It cost him $22,000.00.