Watch out, cyber attackers shifting focus to small businesses

A new report out this week from Symantec highlights a disturbing trend: the number of daily targeted attacks specifically aimed at small and midsize businesses more than doubled in the past six months.

During the first half of 2012, the total number of targeted attacks -- ones that use customized malware and social engineering to proliferate -- rose to an average of 151 attacks per day during May and June, according to security technology giant Symantec.

Approximately 36 percent of those attacks were explicitly focused on SMBs, compared with 18 percent at the end of December 2011. During the same time frame, attacks against larger companies declined.   

The likely reason? Hackers see SMBs as a way to worm their way into their larger strategic business partners.

"It may be that your company is not the primary target, but an attacker may use your organization as a stepping stone to attack another company," said Paul Wood, cybersecurity intelligence manager for Symantec, commenting on his company's June 2012 Symantec Intelligence Report. "You do not want your business to be the weakest link in the supply chain."

The Symantec data is latest evidence of why security is (and should be) a growing component of IT spending for small businesses.

Certain industries including defense, chemical/pharmaceutical and manufacturing are particularly prone to attacks. For example, chemicals/pharmaceutical companies are hit by 1 in every 5 attacks, Symantec reports.

It takes more than technology to succeed with one of these attacks, of course. Awareness and education are two of the most important defenses that SMBs can apply in thwarting this rising incursion.