Cyberattacks Are Creating a Crisis for California Small Business Owners
— In 2023, the United States witnessed over 2,116 cases of data breaches across various industries, affecting more than 233.9 million individuals. Recently, Blueshield California, based in Oakland, faced a breach where consumer data was stolen, potentially impacting thousands of their members.
Unfortunately, these breaches involve illegal access, copying, and/or theft of sensitive and confidential data. The consequences impact hardworking individuals, families, and large and small businesses.
While we often hear about data breaches on big companies, like the recent cyberattack on Xfinity, the reality is that small businesses are typically the prime targets for data breaches to occur. Small businesses lack the robust cybersecurity defenses and insurance coverage of larger corporations, and when they’re hit, the impact can be devastating. On average, a single data breach costs small businesses $200,000, with 60% of affected businesses closing their doors within six months of a cyber-attack.
In 2024, we face an even greater threat. Over $5 trillion in damages is expected due to targeted cyberattacks, many of which are now fueled by artificial intelligence (A.I.). A.I. has reshaped how we interact with technology, allowing machines to learn and make decisions. Sadly, this same technology is now being used by cybercriminals to launch more sophisticated attacks.
A.I. has revolutionized how we interact with technology, allowing computers to mimic human intelligence, make decisions, and learn from data. It processes vast amounts of information, identifies patterns, and adapts to new situations, making it a powerful tool. Unfortunately, cybercriminals are also weaponizing AI to accelerate the threat to our digital security.
As we move deeper into AI technology, small businesses will face a wave of impersonation and phishing attacks driven by artificial intelligence. Hackers leverage A.I. to create convincing content that deceives business owners into disclosing sensitive information. This information is then used to hold businesses hostage, demanding hefty ransoms. Using AI in phishing tactics has made cybercriminals more sophisticated and dangerous.
Hackers are increasingly utilizing A.I. to automate attacks, including phishing, malware, and credential-stuffing attacks. Deep Learning, a subset of A.I., enables hackers to create “Deepfake” content, impersonating voices and manipulating videos to deceive users. With these capabilities, attackers can evade security systems like voice recognition software.
These fake multimedia elements are increasingly used to divert and deceive, often with malicious intent. Cybersecurity experts warn of deepfake-like social engineering attacks to gain unauthorized access to sensitive data.
The magnitude of the threat posed by A.I.-fueled cyberattacks have forced elected officials – including the White House – to seek solutions. Multiple executive orders underscore the national security threat posed by these attacks. The administration aims to shift the cybersecurity responsibility away from individuals and small businesses onto organizations better equipped to handle these risks.
While the rise of A.I.-enabled cyberattacks is alarming, there are steps we can take to protect ourselves and our businesses. Implementing 2-Step Verification, using antivirus software on all devices, verifying website URLs, and remaining vigilant against phishing scams is essential. Logging off when not in use and reviewing and adjusting privacy settings are crucial in safeguarding your digital identity.
Small business owners must know their obligations if a cyberattack impacts them. Victims should also be aware of their rights. California holds one of the nation’s most comprehensive and consumer-friendly set of laws. Consumers in the Golden State can sue tech and online companies if their private, personal information, such as social security numbers and email addresses, is stolen during a data breach.
In 2024, A.I. will drive cyberattacks to unprecedented levels. Protecting yourself and your business is paramount. Stay informed, stay vigilant, and take action to defend your digital world. The time to act is now.
Oscar De La Rosa is the founder and lead attorney at De La Rosa Law, a mass tort and data breach litigation law firm based out of Miami, FL and Washington, DC.
