Most SMBs were hit by a cyberattack last year

Ransomware attack on a computer
(Image credit: Kaspersky)

The majority of small and medium-sized businesses were hit by a cyberattack over the last 12 months, a new report from global cybersecurity company BlackFog. 

The firm found that almost two-thirds (61%) suffered at least one attack in the last year, with a rising number of firms falling to repeat attacks. Almost nine in ten (87%) of IT decision-makers confirmed their firms suffered at least two successful attacks in the last year, while on average, an organization saw almost five successful cybersecurity incidents.

These incidents range from malware attacks, to ransomware (which often includes data theft, as well).

Business downtime

While the impact of cyberattacks varies from firm to firm, the most obvious one was business downtime, which affected the majority of victims (58%). Customer trust and retention were also greatly affected, as a third of all respondents reported a loss of customers, as a result. Finally, 39% reported the loss of customer data. 

There are a number of things that contributed to the enormous rise in cybercrime over the past couple of years. 

The Bring Your Own Device (BYOD) initiative, the rising popularity of the Internet of Things (IoT), as well as the “explosion” of productivity apps, have all made the threat landscape infinitely larger and more difficult to maintain. 

Furthermore, since the Covid-19 pandemic, many organizations have shifted towards remote working, which added to the complexity with shadow IT, unsecure home networks, and overall hindered visibility.

To remain secure, businesses can do multiple things, from training their employees on the dangers of phishing and social engineering, to integrating a VPN or ZTNA solution, to installing state-of-the-art antivirus programs, endpoint protection solutions, firewalls, and more. Finally, forcing multi-factor authentication (MFA) whenever possible is considered the industry standard these days. 

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.