The stakes are high for businesses when it comes to cyber attacks with profits, sensitive information, customer data and brand reputation all on the line. PHOTO courtesy Pixels.
This month Exco Technologies Limited, a global supplier of technologies servicing the die-cast, extrusion and automotive industries, was the latest manufacturer to suffer from a cyber breach. The company, which operates three plants in Ontario, confirmed that three production facilities within its Large Mould Group are recovering from a cyber incident and that it had to temporarily disable computer systems while investigating the incident. Time expected till substantial restoration: about two weeks.
It’s a predicament no manufacturer wants to be in, yet it seems to be a growing reality for many. Small and medium-sized manufacturers, perhaps once considered too small for cyber criminals to bother with, are now particularly at risk. Today, businesses of all sizes must continue to be vigilant to cyber attacks.
“The cybercriminals have professionalized considerably in recent years, improving their ability to target small and medium sized businesses at scale. This includes making it easier for more criminals with limited technical skills to illegally profit from cybercrime. Techniques such as ransomware, business email compromise (BEC) and other fraud schemes are now commonplace…Canadian law enforcement is taking steps to combat these threats, but since most cybercrime operations are launched from overseas in countries where risk of prosecution is low, their capabilities have limits,” warns John Hewie, national security officer, Microsoft Canada, in a blog penned for the Canadian Chamber of Commerce.
Hewie advises that businesses of all sizes must be vigilant to cyber attacks. Yet, according to a survey from the Insurance Bureau of Canada (IBC), almost half (47%) of Canadian small businesses do not allocate any portion of their annual operating budget to cyber security. The same study found that 41% of small businesses that suffered a cyber attack reported that it cost them at least $100,000.
“The stakes are high for businesses when it comes to cyber attacks with profits, sensitive information, customer data and brand reputation all on the line,” Hewie says. “We know it is often cost prohibitive to have an in-house IT or security expert on staff for small businesses. But what we know about cybercriminals is that they’re opportunistic. They typically look to exploit organizations with minimal security controls because it is cheap and easy for them. So with basic security hygiene, businesses can protect against 98% of cyber attacks.”
Prioritizing foundational cyber security best practices can prevent the most common types of attacks. For example, small businesses using Microsoft 365 are also encouraged to review their personalized Secure Score dashboard and prioritized list of recommended security configuration actions.
A relatively easy way to add an additional layer of security for your local small business network is to configure your network router to use a domain name server (DNS) service that blocks access to known malicious domains.
“When you configure this once on your network router, all devices that use your small business network benefit. Review the privacy policies when choosing a DNS provider to ensure it aligns with how you might want your internet usage data being used,” Hewie recommends.
Only a small percentage of cybercrimes or frauds are reported to police in Canada, making it difficult for law enforcement to keep up with the ever-changing threat landscape. If you have been a victim of a scam, fraud or cybercrime, please contact your local police as soon as possible. The Canadian Center for Cybersecurity provides detailed instructions and what to expect here. Also, consider reporting attempted scams or fraud to the Canadian Anti-Fraud Centre.. Reporting may help link multiple crimes together and contribute to further investments in Canada to combat cybercrime.
“An attempted cyber attack against Canadian small businesses is inevitable in today’s world, but that doesn’t mean organizations need to become victims. Committing to applying the cyber best practices outlined above can help protect your small business against most cyber attacks,” Hewie says.
