More than 60,000 businesses were victims of cyber fraud last year – CFIB

The COVID-19 pandemic forced businesses to digitize, but that same move has exposed them to more cyber risks, a new report has found.

A survey conducted by the Canadian Federation of Independent Business (CFIB) found that nearly a quarter of businesses have experienced cyberattacks since March 2020. Of those businesses, 5% said that the cyberattack against them was successful.

CFIB noted that the figure represents about 61,000 small and mid-sized businesses that were victims of cyber fraud last year, relative to the whole economy.

The federation also found the following:

• Over 80% of businesses that experienced a cyberattack said it came through email scams and phishing attempts.
• 50% said they experienced a cyberattack after encountering malicious software.
• The businesses most at risk of cyber fraud are:
  • Those with 20 or more employees
  • Those who allowed their employees to work remotely or made any changes to their online presence
  • Those in the manufacturing, wholesale trade, business services and enterprise and administration management sectors

"While many small businesses have adapted to the pandemic by adopting new technologies, remote work arrangements and ecommerce platforms, these changes have also created new opportunities for cyberattacks," said CFIB vice president of national affairs Jasmin Guenette. "It's more important than ever for small firms to protect their information systems."

"When a small business suffers a cyberattack, the effects can be very heavy, from stress and financial loss to compromised personal and banking information and negative impacts on business relationships," added CFIB senior analyst Andreea Bourgeois. "Many are investing more in their IT infrastructure – $6,700 on average – but beyond that, they have few recourses if a cyberattack is successful."

CFIB has recommended that businesses invest in cyber insurance to protect themselves against the risk of cyberattack.