What The Google Case in China Means For Your Small Business

One week ago, Google announced that its company and at least 20 others were victims of a “highly sophisticated and targeted attack” originating in China in mid-December, evidently to gain access to the e-mail accounts of Chinese human rights activists.

Until now, Google has run a “censored version” of its search engine in China to comply with local laws and government stipulations. As a result of the attack, Google stated its plans to operate a completely uncensored version of its search engine in China “within the law, if at all”, and acknowledged that if this is not possible it may leave China and close its Chinese offices.

Although the Google/China case has blown to such proportions because of external factors and difficult international relations, the vulnerability of some of the most leading-edge technology companies has definite implications for business owners around the world.  New, more targeted spying and malware attacks are making the computer-security game one that is no longer safe to play alone.

First, the purpose of the malware is different.  The goals are no longer to simply disable a computer or network or to steal single files of information.  The goals of malware now are to sit, undetected on a server and spy on a network for long periods of time, giving cyber criminals access to large parts (if not all) of a business’ most important information.

Second, the method of gaining access to networks is more targeted and constantly evolving.  From individually sent e-mails from a “friend” or “colleague,” to notifications from a person’s bank or the IRS, to USB drives left in parking lots or work spaces, the roads to accessing a network are numerous and growing each day.  Other techniques for getting inside company’s infrastructure involve exploiting weaknesses in Web-site or network-routing software and using those openings as gateways for malware.  Think your cellphone is safe from malware?  Think again.  New viruses can turn on a phone’s camera, microphone, GPS and more.

While large companies are definitely at risk for attacks, its the small business owner with the real target on his back.  Why? According to a Yankee Group study, 40% of small businesses rank computer security breaches as an important issue, but nearly half defer security upgrades due to cost concerns.  Why would a criminal spend months or years trying to infiltrate Google’s network, when there are probably five businesses within walking distance of his home with unsecured networks?

While most medium and large organizations have Information Technology departments many small businesses don’t even have one person dedicated to IT tasks. In these situations there are often vulnerabilities related to un-patched systems or improperly configured equipment. Since these companies don’t have IT staff it is highly probably they don’t have anyone thinking about information security. These companies probably don’t have defined policies relating to system use or configuration.  They’re the low-hanging fruit cyber criminals are looking for and they may not even know it.

Unfortunately, many of those unsuspecting small business owners will be affected by an incident directly related to their network security.  Many small business owners, having never experienced the impact of a security breach, are complacent and have a passive response to the technological threat to their computer infrastructure. They have the “if it ain’t broke, don’t fix it” attitude and aren’t stirred to action until it is too late. They don’t plan or budget for solutions to the possibility of trouble and, have nowhere to turn when it happens.  Does your business have a disaster recovery plan?

The attack on Google was just a hiccup in operations for the massive company, but the stakes are much higher for a small business. The US Department of Labor estimates that over 40% of small businesses never reopen following a disaster.

Password-protecting your small business network  just isn’t enough anymore.  As technology rapidly advances, so do the threats to that technology and ultimately your business.  Fortunately, keeping your business safe doesn’t have to break the bank.  CMIT Solutions is an industry-leader in small business technology who understands the needs of the sbusiness owner.  Let us keep your technology running so you can run your business.


Thanks to Armando D’Accordo, owner of CMIT Solutions of South Nassau for collaborating on this article.  You can visit Armando’s blog here for other great articles.  You can also and find him on Linkedin and Facebook.

Advertisements

One Response

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: