Small businesses convinced they won't be cyber attack targets have 'heads in the sand'

Britain's small businesses woefully under prepared to protect themselves against hackers, claims Kaspersky Labs

Britain's small businesses are "woefully under-prepared" to combat cyber attacks, despite an increasingly reliance on the mobile devices that often offer an easy entry point into organisations for cyber criminals.

That's according to a report by web security firm Kaspersky Lab, which suggests that one-third of UK small businesses wouldn't know what to do if they suffered a security breach, while a quarter admit they wouldn't be able to recover any lost data.

The reason for this, it's suggested, is that organisations have their "heads in the sand" because they're convinced that they will never be the target of a cyber attack, with 82 per cent of small companies revealing that they believe they aren't a potential target for hackers and cyber criminals.

However, what many don't realise is that if they have connections to bigger organisations as part of a supply chain, then cyber criminals will attack them. These criminals view small businesses as a vulnernable entry point that can be taken advantage of to gain information to be used as part of a greater attack against a larger organisation.

Indeed, according to the Federation of Small Business, 41 per cent of small firms were hit in some way by cyber-crime in 2013, with one-in-five affected by a computer virus and one-in-ten affected by online fraud.

It's suggested that these attacks are able to take place because small businesses are using the latest technologies, such as mobile devices, tablets and laptops, but aren't taking the proper precautions to ensure the information stored on them is protected.

"While it is encouraging to see the extent to which micro firms are embracing the latest technologies, this must go hand in hand with a strong approach to internet security," said Kirill Slavin, UK managing director at Kaspersky Lab.

"One in ten of those surveyed admitted that an IT security breach would probably cost them their business. This must be addressed, and quickly. Micro firms don't have to become IT security experts," he continued.

"Most of the time it's the IT equivalent of remembering to lock all the doors and windows when you go out, make sure you have some additional protection and not to leave valuables where others can easily see and get to them," Slavin added.

Alex Grant, managing director of fraud prevention at Barclays, urged small businesses to take more care with cyber security and to be more aware of phishing attacks and other cyber scams.

"Cyber-fraud affects one-in-eight small businesses every year with fraud losses to SMEs estimated at nearly £20bn. Criminals try to steal goods and the business identity through letters, a phone call, or via email. Increasingly, cyber crime is a principal priority risk for businesses," he said.

Typical scams include opportunities to acquire new customers who you supply but never receive payment from, or to purchase items from new suppliers that never deliver after having been paid.

"Fraud can happen to any type of business in many different ways, impacting their revenue, reputation and the long-term health of the business, with no business being too small to be targeted," Grant continued.

"The most important investment a business can make is to take the time to identify where they may be at risk from fraud and reduce those risks where possible to stay in control," he continued.

Earlier this week, Kaspersky warned that Facebook remains the number one social media targeted for phishing attacks.