Cyber security risks are a threat today’s organizations can’t afford to ignore. According to cyber security experts, system access, customer data, business credentials and communications are all vulnerable. Plus, an attack can damage trust and harm your business.

It pays to stay ahead of hackers by knowing what to watch out for and how to protect yourself and business. Here are five of the top 2019 cyber security risks identified by experts and what you can do to reduce your cyber security risks.

1. Ransomware Attacks Target Your Work Email

Ransomware is a type of cyber attack that encrypts your computer’s data and holds it for ransom, directing victims to pay hundreds or thousands of dollars to get back into their own systems.

In recent years, cyber security firm Symantec says ransomware attacks on home computers have dropped, but attacks targeting businesses are up 12 percent. Email attachments are a favored tool for targeting the valuable data of businesses and organizations.

What to do: Be aware that email attacks are still a potential threat to business. Ensure you have professional help to security your systems and always keep secure data backups in case of a ransomware attack.

2. New Formjacking Attacks Steal Payment Info

Formjacking is a trick where hackers hijack the payment information forms on the checkout pages of eCommerce websites to steal your customers’ credit card details. It’s a newer type of attack that’s less well known and is trending up.

According to Symantec, 4,818 websites were compromised with a formjacking attack every month in 2018. Cyber security protection was able to catch and block another 3.7 million attempts last year. While household names, such as British Airways and Ticketmaster have fallen victim, it’s actually small- to medium-sized businesses who are most at risk.

What to do: Always keep site backups, make sure to keep systems up to date and don’t delay when new security patches are released. Monitor your website’s security closely and seek out professional site management if needed.

3. Email Attacks Contain Malicious Office Attachments

Email attachments have always posed a threat to businesses and organizations, but the problem is growing. Email attacks target the trust that employees of organizations place in their everyday work. You could become a victim by opening an email disguised as a notification for a business invoice or a receipt.

According to data from Symantec, up to 48 percent of malicious files sent to targets through email were Microsoft Office files in 2018, up from only 5 percent the year before. Small organizations are more likely to suffer an attack than larger companies.

What to do: Think before opening strange invoices or receipts. If you aren’t expecting a receipt or invoice from a vendor, don’t open the file and reach out to the vendor for clarification.

4. Office Macro Trojans Take Control of PCs

As cyber security in the business community improves, hackers are finding new and often complex ways to gain access to systems. Trojan malware attacks are infamous, but one recently discovered by Microsoft this year is very complex.

According to cyber security firm SonicWall, the attack starts with a phishing email that includes an .xls attachment. If the attachment is opened, the file automatically runs an Office macro function. The macro runs an executable file, which downloads a malicious file from the web. That file downloads and decrypts another file in the system memory. When this complex attack is through with its many steps, your PC could be under the control of someone else.

What to do: Scrutinize emails and their attachments carefully before opening. Make sure your malware protection and Microsoft software are kept up to date.

5. IoT Device Hacks Compromise Data and Communications

Smart devices, such as voice assistants, cameras, routers, security systems and even appliances are vulnerable to hacking just like desktop PCs. Internet of Things (IoT) devices represent a soft entry point, where an attacker can steal credentials, wipe data or intercept communications.

According to SonicWall, the threat of IoT malware in 2019 is surging past last year’s total of 32.7 million compromised devices. That figure was already a record high, since just 10.3 million attacks were recorded in 2017. The trend is continuing upwards with no sign of a slowdown.

What to do: Make sure to update your smart devices, particularly when manufacturers release bug fixes or security updates. Avoid relying on smart devices to store or transmit your organization’s most sensitive data.


Remember that protecting against cyber security risks is key to protecting your small business. Train your staff to remain vigilant, take the proper precautions with files and attachments and invest in professional solutions to keep your data safe from malware and other hacking attacks.