Back in August, Wired Magazine published a fascinating look at the NotPetya attack and more specifically its unforeseen effects on the shipping giant, Maersk. The article itself is worth a read if you are interested in IT security, but more pertinent to small and medium business owners is this lesson:
Damaging cyber-attacks propagate themselves quickly without any human intervention, and may go well beyond their original intended targets, so it's important to use layered security tools. An organization like Maersk was “splashed" by an attack intended to bring the Ukrainian government down. That attack was carried out with tools developed by the United States National Security Agency, which were leaked in a breach earlier in the year, and used by cyber attackers took and use for their own purposes.