As the cybersecurity landscape continues to evolve, so do cyber-attacks. Cybercriminals no longer solely target large companies. In fact, small to medium-sized businesses (SMBs) are now the primary targets of cyber-attacks—and are often incapable of surviving them. 60 percent of small companies go out of business within six months of a cyber-attack.

Today’s reality is that you are likely to face a cyber-attack as an SMB. So, how can you best prepare and minimize damage? Before you can combat your biggest business risks you need to understand them. Here is a breakdown of the top three cyber-attacks that could be a real threat to your business if you don’t have the right defenses in place.



A company is hit with ransomware every 40 seconds. So, what exactly is ransomware?  Ransomware is a type of malicious software or malware designed to block access to a computer system until a sum of money is paid.

In January 2018 a new strain of ransomware was discovered called GandCrab. The malware demands a cryptocurrency fee with the return of the files stolen from your computer.

This ransomware is being marketed and sold as a package to budding criminals who would split the profits with the original developers. This is concerning as it spreads the virus quicker and makes the developers more profit.

In 2017 the overall annual loss for Smaller Businesses was estimated to be $79,841 on average. The financial consequences of ransomware on your company could be dire. In order to protect your assets and business’ future as best you can, it’s essential that you’re keeping an eye out for the right things.

While these top cyber-attacks are hard to identify, there are certain steps you can take to secure your business.

Here are some key strategies:

  • Back up your data
  • Use reputable Anti-Virus Software
  • Keep your computer systems up to date
  • Know how to recognize a possible threat
  • Keep strong passwords
  • Secure mobile devices
  • Use secure wireless networks


Phishing is another extremely common type of cyber-attack to look out for. Phishing is the fraudulent practice of calling or sending emails purporting to be from reputable companies to induce individuals to reveal personal information, such as passwords and credit card numbers.

76% of businesses reported being a victim of a phishing attacks in 2017. Phishing attempts have grown 65% within the last year, and they are getting creative. More of the well known recent attacks have been data leaks hacked from Facebook, Calls or emails from hackers pretending to be the IRS, and phony emails from people pretending to be Google.

Locally, even California State University Campuses have had to respond to impersonation emails sent to their students.

Cybercriminals thrive on exploiting human error; it’s an easy–and dangerous—route. If huge company’s like Facebook, Google, and the IRS can be impersonated, so can yours.

Like ransomware, a phishing attack can result in a serious financial loss for your organization. To prevent phishing attacks on your company, you MUST properly inform and train your employees to recognize and implement the following:

  • The IRS will never email or call you or your company without first a written correspondence.
  • When checking a suspicious email, check the credibility of the sender’s address.
  • Never give your financial information over the phone without having them first confirm your account information.
  • If a Phishing attack from your company has been reported, immediately inform the affected Immediately change your passwords and send out an email warning of these scams.

Unpatched Software

Since cyber attackers exploit vulnerabilities, the last thing you want to do is have unpatched and outdated software. Unpatched software is software installed on your computer that is not secure, and in turn, has flaws.

Hackers use the flaws to create a hole in the application to get through to your computer. People have hacked into Microsoft Excel through its unpatched software, and implant malware to infect your computer as soon as you open the document.

More recently instead of applications, hackers have embedded the malware into websites, causing any computer that visits the site with unpatched software to become infected.

Companies like Microsoft, Apple, Adobe, & Mozilla have altered how they patch their software to prevent malware attacks in the future.

These are measures you can take to keep your computer safe from attacks:

  • Don’t keep software on your computer that you don’t use. Uninstall it.
  • Disable JavaScript in your browser. It is a vehicle for many attacks that come from Web sites.
  • Check regularly for software patches.
  • Keep your anti-virus software current.


Work with Ray Morgan Company – Managed IT Services

At Ray Morgan Company we offer a comprehensive IT assessment to help you better understand your current state of technology and prepare your organization for future needs and growth, as well as prevention of cyber-attacks. Our assessment focuses on these 7 major areas:

  • Disaster recovery readiness
  • Critical data backup for business continuity
  • Recovery time predictability
  • Device and network capabilities
  • Infrastructure redundancy
  • Change management preparation
  • Security protection

Upon the completion of the assessment, we present our findings which include:

  • Fact-Based IT Assessment
  • Defined disaster recovery plan
  • Business continuity ideas
  • Automated backup opportunities
  • Latest critical data recovery plan
  • Governance & compliance suggestions
  • Client confidence assurance

For more information about Managed IT Services visit