Small businesses increasingly a target for cybercriminals

While small and mid-sized businesses are increasingly targets for cybercriminals, companies are struggling to devote enough resources to protect their technology from attack.

That's one of the findings of an annual survey of companies released by the Poneman Institute, which researches data protection, and Keeper Security, a manufacturer of password protection software.

The survey found that 76% of the 592 U.S. companies surveyed had experienced a cyberattack in the previous 12 months. That was up from 70% in a survey in 2018, and 63% in a 2017 survey.

The most common attacks were phishing and social engineering scams, cited by 57% of companies. These are invasions that target unsuspecting computer, smartphone and tablet users with realistic-looking emails; if a user clicks on a link or attachment in the email, malicious software is downloaded onto the device. Forty-four percent of companies reported an attack that came via a website.

While businesses of all sizes are victims of cyberattacks, the smaller the companies, the more vulnerable they can be. They don't have large information technology staffs and many don't have expensive, sophisticated software designed to monitor their systems and defend against attacks.