43% of Cyber Attacks Still Target Small Business while Ransomware Stays On the Rise



cyber attack statistics

If you buy something through our links, we may earn money from our affiliate partners. Learn more.

When did you last read about a small business being hacked in the news? Once this happened rarely. But according to the Verizon 2019 Data Breach Investigations Report (DBIR), 43% of cyber-attacks target small businesses.

And cyber attacks on small businesses represent the largest share of all the attacks in the report. The disparity highlights a lack of resources and knowledge. So small business owners must learn more and invest in better digital security. But cybercriminals also seem aware of this disparity. And this explains why they target small businesses in higher numbers.

Bryan Sartin serves as  executive director of security professional services at Verizon. And in the press release for the report, Sartin explains in detail about the importance of being aware of your security risks.

Sartin says, “As businesses embrace new digital ways of working, many are unaware of the new security risks to which they may be exposed.” And he goes on to explain how businesses, “Really need access to cyber detection tools to gain access to a daily view of their security posture, supported with statistics on the latest cyber threats.”

Finally, Sartin emphasizes the need to see security correctly. It must work as a “Flexible and smart strategic asset that constantly delivers to the businesses, and impacts the bottom line.” But cyber attacks impact the bottom line of small businesses dramatically. And they can result in companies going out of business. Unless they’ve created a robust recovery system.



2019 Small Business Cyber Attack Statistics

The Attacks

The report shows the vector for the attacks can come from anywhere.



The majority (69%) of the attacks proved to be work of outsiders. And 39% originated from organized criminal groups. But nation-state or state-affiliated actors also took part in 23% of the breaches.

Internal offenders involved themselves in 34% of the incidents. And 2% of those proved to be partners in the firm. While 5% were identified as multiple parties.

The report also covered the methods for committing these crimes. So 52% of the breaches resulted from hacking.  And other tactics include social attacks (33%), malware (28%), events caused by errors (21%), misuse of authorized users (15%), and physical actions (4%).

The Victims

Verizon says no business is too small or too large to fall victim to a data breach. And no industry vertical has proved immune to attack. So the 43% of targeted small businesses highlights no one is off-limits.



Meanwhile 16% of cyber attacks target public sector entities. And 15% focus on healthcare organizations. Meanwhile 10 % of attacks  hammer the financial industry. But some segments seem more prone to attacks than others.

Verizon says the business model, type of data transmitted and retained, customer base, and the technologies needed to secure their environment are all factors.

The report recommends businesses look beyond their industry. So they can learn from other sectors. And the perspective they gain from the experiences of other industries can provide valuable insight.

Check this list of attacks according to industry:



  • Accommodation and food services – 87 incidents with 61 confirmed data disclosure
  • Educational services – 382 incidents with 99 confirmed data disclosure
  • Financial and insurance – 927 incidents with 207 confirmed data disclosure
  • Healthcare – 466 incidents with 304 confirmed data disclosure
  • Information – 1,094 incidents with 155 confirmed data disclosure
  • Manufacturing – 352 incidents with 87 confirmed data disclosure
  • Public administration – 23,399 incidents with 330 confirmed data disclosure
  • Retail – 234 incidents with 139 confirmed data disclosure
  • Professional, technical and scientific services – 670 incidents with 157 confirmed data disclosure

The report reveals cyber criminals are ever present. And they wait for the right opportunity to steal your information. So regardless of the type or amount of your data you must remain vigilant. Do you have a digital presence? Then you must be ready for the inevitable. And being ready remains the best way to reduce the impact of any breach.

Get Ready

Stay proactive about protecting your digital presence. Keep informed. And try to understand the threat landscape of today’s digital ecosystem.

Don’t worry about being an expert. But keep current on cyber risks. And this makes you aware of your vulnerabilities. Lack of information about cyber risks can prove dangerous. It hurts your ability to mitigate and recover from attacks. But staying informed enables you to plan. You can consider different scenarios in the event of a breach.

Do you lack confidence in your digital security capabilities? Then hire a security expert. And have them implement a protocol with industry-leading best practices and strong governance.  You serve as owner and decision maker in your business. So you must make everyone in your business accountable for their actions. But without strong governance, your new system will prove a waste of time and money.



Best Practices Recommendations from Verizon

Keep it clean: Many breaches are a result of poor security hygiene and a lack of attention to detail. Clean up human error where possible, and then establish an asset and security baseline around internet-facing assets like web servers and cloud services.

Maintain integrity: Web application compromises now include code that can capture data entered into web forms. so consider adding file integrity monitoring on payment sites, in addition to patching operating systems and coding payment applications.

Redouble your efforts: 2FA everything. Use strong authentication on customer-facing applications, any remote access and cloud-based email.

Be wary of inside jobs: Track insider behavior by monitoring and logging access to sensitive data. Make it clear to staff just how good you are at recognizing fraudulent transactions.



Scrub packets: Distributed denial of service (DDoS) protection is an essential control for many industries. Guard against nonmalicious interruptions with continuous monitoring and capacity planning for traffic spikes.

Stay socially aware: Social attacks are effective ways to capture credentials. Monitor email for links and executables. Give your teams ways to report potential phishing or pretexting.

The Verizon Study

The Verizon DBIR report is an industry standard in digital security. The 12th edition of the report contains the analysis of 41,686 security incidents including 2,013 confirmed breaches.

The report analyzed close to 1.5 billion data points of non-incident data from contributors, and according to Verizon, this was a substantial increase.



This year the FBI Internet Crime Complaint Center (IC3) contributed to the DBIR with impact data from business email compromise (BEC) and computer data breach (CDB) reports.

You can get the entire 2019 DBIR report and executive summary on the resource page.

Image: Depositphotos.com


More in: 2 Comments ▼

Michael Guta Michael Guta is the Assistant Editor at Small Business Trends and currently manages its East African editorial team. Michael brings with him many years of content experience in the digital ecosystem covering a wide range of industries. He holds a B.S. in Information Communication Technology, with an emphasis in Technology Management.

2 Reactions
  1. These attacks will always go for the easiest target possible. Bigger companies tend to have more resources to fight and are better protected. SMBs may not be as big a prize, but if you can get more of them faster, it pays off just as well.

  2. Yes. This is the reason why cyber protection is very important. It is no longer an extra cost.