By now, everyone has been made aware of the Starwood Hotel (owned by Marriott) data breach/hack that was publicized in at the end of 2019 and exposed the data over more than 500 million customers - or nearly 14% of the world's population to put things into perspective. The information gathered by hackers amounts to millions of individuals passports, phone numbers, DOB, address, and credit card numbers which can be anything from a massive headache to utterly ruining those who were affected lives'.
The hackers first gained access to Starwood's database back in 2014 and had been combing through the database unnoticed ever since. While the details are still being reviewed, it's apparent that they were able to infiltrate the system through a series of vulnerabilities on the hotel chains' database system. The chains' response? A mere apology, a free subscription to a credit monitoring service (of which there are already hundreds available) and a hotline to call to inquire about their account, and that's it.
Now, why are we talking about a data breach that happened to a multibillion-dollar conglomerate with a plethora of resources? Because if it happened to them, it can certainly happen to you. While hackers attacking the SMB space likely aren't holding your data hostage for tens of millions of dollars, SMB's cybersecurity is generally much less secure than an international conglomerate. An old co-worker of mine used to phrase it like so: Small & medium businesses are low-hanging fruits that are much easier to pick than say the apple that sits atop of the tree (i.e. Marriott). So, while you might get a much fresher, livelier apple that sits atop the tree, they're difficult to get and take much more time than, say, a low hanging fruit which is much easier to grab.
The Starwood Hotel's hack took years to implement and gather data fully – and while the payout for the hackers was incredibly rewarding, it was an intricate and difficult feat to achieve whereas it's much less effort for a hacker to attack a handful of small businesses over the course of a few months, even weeks and receive a sizeable payout for organizations to get their data back.
While some industries are more vulnerable than others, i.e. construction/manufacturing & professional services, the rate of ransomware affecting businesses in the SMB market is up 61% or more than $8 billion per year, and steadily rising.
Don't let your SMB fall victim to ransomware and drive itself into the ground. This day in age there's a huge variety of various security offerings and implementations that can be utilized to better protect your company. Don't become a statistic. Stay protected & stay safe – your customers depend on you.