Thousands of small businesses held to ransom by social media hackers



Research has found that one in five have fallen victim to cyber attacks on sites such as Facebook and Twitter, with more than half admitting it had caused ‘significant’ damage to their business as a result.

Almost two thirds of social media hackers also demanded cash ransoms in return for handing back control.

But although the threat still persists, more than a third of all owners and managers had no processes in place for dealing with hacks and less than half of those hit had reviewed their processes since.

Furthermore, 16 per cent of bosses didn’t know how to access their company’s social media accounts and one in four had been locked out on at least one occasion because whoever had the login details had left the company or gone on holiday.

Just 40 per cent of businesses had a dedicated social media manager, with one in four leaving it to younger or junior members of staff – or even those on work experience.

Steve Kuncewicz, business advisory lawyer at Slater and Gordon, said: “Increasingly, a business’ greatest asset can be its digital and social media presence. But it can also be its greatest vulnerability.

“It can take years to build up a following, but a few seconds to destroy it with a careless tweet or post or not being able to respond quickly enough to negative comments and feedback or a hack.

“It is concerning that so many business leaders don’t know the login details to their firm’s accounts to prevent this from happening.”

“Senior managers and owners can be inclined to leave managing social media to younger or more junior staff because of a lack of knowledge about the digital world and an assumption that they know better.

“This is a serious mistake. Implementing a process to sign off content, manage who has access to accounts and react if you suffer a social media incident is vital in this day and age.”

One in four managers said they checked rarely, if at all, to see what their firm was saying on social media – or what people were saying about them. 60 per cent showed the same disregard for popular review sites such as Trip Advisor and Glassdoor.

More than a third of businesses did not have a social media policy and 40 per cent offered no training to staff about posting comments on personal accounts that could bring the firm into disrepute.

Almost two thirds of SME managers were not familiar with the Advertising Standards Authority’s CAP code of conduct and one in 10 had fallen foul of it already.

Steve said: “We have seen countless examples of how incidents can be amplified by social media which can cause major long-term damage to a company’s reputation and bottom line. Also the speed with which potentially damaging events can develop or go viral in the digital again highlights how important it is to be prepared and have robust processes in place.

“Five hundred million people are using LinkedIn now including 23 million in the UK alone, which shows how fast-growing and far reaching just one platform can be. Social media can be a very powerful tool for those who know how to use it, but failure to recognise that and take it seriously could have potentially damaging consequences for a business.”

He added: “We see all too often that SMEs only identify the risk once it’s too late, after they’ve suffered a hack or some sort of serious reputational damage because of a careless or malicious post.

“Almost no one is immune from these risks. Even the biggest and most secure organisations in the world have at one point suffered serious damage due to failures to safeguard and control their digital or social media assets.”