Cyberattacks are on the rise, and that includes small businesses. Here's what to know
Cyberattacks on businesses are rising, including small businesses
Your support helps us to tell the story
From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.
At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.
The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.
Your support makes all the difference.Cyberattacks on businesses are rising, including small businesses. It's a troubling trend because a breach can be very costly and time consuming if owners don't have a plan to deal with one.
According to the Verizon 2023 Data Breach Investigations Report, the median cost per ransomware attack — which features a type of malicious software designed to block access to a computer system until a sum of money is paid — more than doubled over the past two years to $26,000.
That's partly because there has been a dramatic increase in ransomware attacks, which represent 24% of all breaches.
Small businesses should first have a plan in place to prevent cyberattacks. The human element is the cause of 74% of breaches, so owners should make sure all of their employees use safeguards such as two-factor identification to make it harder to be hacked. Requiring employees to regularly change their passwords can also help.
If your business has been breached, it's best to work with a cybersecurity executive within your company or a trusted third party to assess what happened and the damage done. Trying to contain it without having the right technical knowledge can just make things worse.
It's also important to let the authorities know what happened. Attacks must be reported to federal authorities within 72 hours after a company is reasonably sure one has occurred.