Businesses Falling Victim to Cyber-crime, Report Finds

A survey conducted by Panda Security found small businesses have a serious lack of anti-spam and anti-malware protection.

Cloud-based security specialist Panda Security has announced its worldwide barometer on security at small and medium-sized businesses. According to a study, which surveyed 5,760 companies worldwide, 44 percent of the more than 1,400 U.S. respondents have recently been infected by Internet threats.

Worldwide, 58 percent were affected, with Brazil showing the highest infection rate at 86 percent. Only 8 percent of SMBs in Germany reported infections.

The survey found 29 percent of U.S. SMBs lack anti-spam protection, 22 percent have no anti-spyware measures in place, and 16 percent operate without a firewall. Fifty percent lost time or productivity as a result of being infected, and 39 percent of respondents said either they or their employees have not received training about IT threats that could affect them.

U.S. SMBs said viruses affected their companies more than any other threat, at 41 percent, and they ranked spyware second, at 26 percent. Worldwide, viruses also ranked first, with 55 percent of respondents naming them the most potent threat to their businesses. Ten percent of SMBs in the United States were affected to the point of having to stop production, with a worldwide average of 30 percent, the survey found.

While 97 percent of U.S. SMBs surveyed have installed anti-virus and 95 percent claim their security systems are up-to-date, many SMBs still lack common security protection. Along with 29 percent of respondents that have no anti-spam in place, 22 percent with no anti-spyware and 16 percent with no firewall, 52 percent of SMBs said they lack any Web filtering solution. Of those U.S. SMBs without any security systems in place, 27 percent said they have not implemented them because they aren't important or necessary, and 20 percent because they are expensive.

"Despite strong efforts in the U.S. to educate businesses about the importance of computer security, a staggering number of small and medium-sized businesses have become victims of cyber-crime," said Luis Corrons, PandaLabs' technical director. "It is especially alarming to see so many businesses fail to adopt the most basic security measures, such as anti-spam and firewall solutions."

The perceived importance of social networking for SMBs may also be having an adverse effect on security, according to a recent report by security software company Webroot. The survey found members of online social networks may be more vulnerable to financial loss, identity theft and malware infection than they realize.

Surveying more than 1,100 members of Facebook, LinkedIn, MySpace, Twitter and other popular social networks, the company uncovered numerous behaviors that put social networkers' identities (and wallets) at risk, including two-thirds of respondents that don't restrict any details of their personal profile from being visible through a public search engine such as Google, and more than half of respondents who said they aren't sure who can see their profile.