Christmas is right around the corner and just a short hop behind that is the breaking dawn of another New Year. So this month, we’ve been looking back at the last 12 months, analysing trends and figuring out what we need, to be on the look out for next year. One of the things we have noticed (and you probably have too) is that there have been a LOT of cyber-attacks in the news this year. It seems like we can’t go 2 weeks without some high-profile hack happening. But despite these all being aimed at big businesses, the frequency has started to get smaller business owners concerned. But the good news is, while some smaller businesses might still be at risk of attack, there are certain industries that find themselves more vulnerable than others. This might not sound like good news, but it does mean that if you are one of those businesses, you can take steps to ensure your business is fully protected. So which types of business are more vulnerable to a cyber attack?
Hotels And Hospitality
The hotel industry has always been a veritable gold mine of data for hackers who want to sell information on the black market, or get hold of some high value credit card information fast. Recent hacking incidents include Trump Hotels, MGM Resorts and Marriott International Hotels. This is because hotels handle a huge amount of transactional data every single day, and guests often expect a high reserve transaction, or lots of small ones to appear on their statements when they stay in hotels. Hotels also tend to use third party software to handle their reservations and bookings, which means hackers don’t even have to target the hotel itself – they just need to infiltrate the third-party software instead.
This one really is unsurprising, if we’re honest. Financial services businesses of any kind, even small asset finance outfits, will handle some of the most valuable data out there, along with a hefty bank balance to handle financial transactions. However while they might not realise it, their bank balance isn’t usually what the hackers are after – it’s their customer data. That data includes names, banks, account information and much, much more. All of this information will fetch a small fortune, when sold on the information black market, as well as give them access to some of the most valuable assets out there, so criminals make a habit of targeting financial institutions.
Even small businesses can handle decent amounts of money, or valuable data, and some of them don’t even know it. The problem however is that small businesses rarely think they can afford the resources and protections they need to keep the business safe. One-man bands are particularly prone to this; thinking that keeping their data on one machine in their home will be enough to protect it – or worse not thinking about it at all.
Healthcare businesses of any size are an attractive target to cyber criminals, but not usually for financial gain. Instead, the root cause of attacks on healthcare institutions usually lies in the wealth of patient data they hold. Cyber criminals aren’t always looking for money after all, sometimes they may wish to steal someone’s identity instead. As healthcare records contain a huge amount of personal information, like national insurance numbers for example, that could be tricky to find elsewhere.
Manufacturing is an interesting one, as it doesn’t tend to hold huge amounts of financial or personal data. Instead, the reason for targeting these is often to disrupt the manufacturing process and cause harm to a brand or business that way. It isn’t always the manufacturing firm that’s the end target either – but if that firm has a big contract for the target, cutting off their product supply by interfering with the manufacturing firm is a good way to ensure problems. This could be through DDOS attacks, halting manufacturing or simply deleting data sets to prevent products being created.
The important thing to remember is that, as a small business owner, you are one of the target markets for the budding cyber-criminal. Now more than ever proper investment in robust cyber security is essential. To do that, you need to be able to understand how cyber criminals target businesses, what vulnerabilities they exploit and how they would approach breaching your individual business. At Bridewell, we help businesses understand exactly where their weaknesses lie and offer practical advice and help, fixing the holes and creating a strong, cohesive barrier against a cyber attack. For more information, or to find out how our cyber experts can help you, get in touch with the team today.
Lastly, please read Anthony Young's comments in the article Cyber Security 101: Understanding and Mitigating Risks.