The UK’s heatwave this summer has distracted many of us during the holiday period. Busy with vacations, family and friends it’s easy to get your eye off the ball. However, the threat of cybercrime and data breaches to your digital systems is ever present. Any business which has an online presence, or which keeps digital records about its business, customers and staff, is a potential target – whatever your sector.
This summer’s news headlines regularly revealed serious cases of cybercrime – for example recently:
● Huge data Breach at British Airways
The credit card details of thousands of BA customers were hacked as a result of a criminal cyber-attack on its website. By all accounts this malicious cyberattack was a sophisticated one which took place over a two week period, between 21 August and 5 September, all without being detected. It’s estimated that 380,000 customers booked during this time period and that all their personal details were at risk including their bank card details.
● IT meltdown at TSB
Leading bank TSB is said to have lost 12,500 customers as a result of a massive IT failure. The bank suffered up to 10,600 fraud incidents – thousands of its customers received alarming ‘fraud alerts’. The bank admitted that it had been overwhelmed by its IT problems. The catastrophe led to official investigations and ultimately the resignation this month of its CEO, Paul Pester.
● Customer details held to ransom
This summer the high street chemist Superdrug revealed that it was targeted by hackers who claimed to have 20,000 customer details. Although it said that no bank details were taken, customer names, addresses, dates of birth and phone numbers were all targeted. The firm admitted that 386 accounts so far have been compromised.
A huge concern remains that even if immediate fraud is not committed the personal details of thousands of customers are out there and could be sold on the ‘data black market’ for future use.
Under the new GDPR rules , firms have a duty to report to the Information commissioner certain types of data breach which occur. Failure to do this attracts fines as can cases of the data breach itself.
Evolution of Cybercrime
From its small beginning as a type of novel white collar crime, the incidence of cybercrime has grown to become a major worry not only to businesses but for law enforcers and politicians. In pre-internet times, businesses may have been worried about faked signatures, counterfeit currency and goods. Now that seems child’s play compared to today’s sophisticated and remote crimes.
According to experts, 145 billion emails a day are sent globally – of these 1 in 131 are estimated to contain malware or ransomware or being engaged in data theft. While face-to-face crime leaves a physical trial increasing the chances of putting the criminals behind bars, the cyber-criminal is often operating from a keyboard faraway – it’s estimated that the rate of being identified is only 1 in 50 at best. It’s not just individuals working alone either; hackers often work in gangs. At a national level the government and security services have become worried about rogue states and terrorist groups looking to cause economic chaos.
Study after study has confirmed increases in the number of cyber-attacks suffered by business. A recent study revealed that European digital transactions were targeted by 30% more cyber-attacks early in 2018 than in the previous year. Businesses trading online faced a huge 80 million fraud attempts in the first quarter of 2018 according to a study published in Computer Weekly.
It was also found that the nature of cyber attacked was evolving – from shorter fraud attacks to more high-volume ones over a longer period of time. Stolen personal data is now finding its way on to the ‘dark web’, a part of the internet which is not visible to regular search engines and is notorious for harbouring criminal transactions.
SMEs and Cybercrime
While the financial stakes may be smaller for SMEs and they may not hit the national headlines, cybercrime can be just as catastrophic when it affects your business adversely. Any instances of crime are less easily absorbed by smaller firms and make a larger impact proportionally. When crimes do get reported in the local press or local social media groups, SMEs can rapidly see customer footfall falling away. Cybercrime can therefore be a real barrier to growth and profitability.
For SMEs, online crime can mean a range of crimes carried out over their computer networks. Some of the most common digital crimes include:
● Computer viruses – these can be spread via malicious emails and websites
● Theft of online information of money
● Website vandalism
● Phishing attacks
A government-commissioned survey found that 52 percent of small businesses experienced cyber security breaches in the previous year ( Cyber Security Breaches Survey 2017 ). Research by the Federation of Small Businesses indicates that online crime and fraud costs small businesses around £4,000 each.
Prevention is easier than cure
There’s a lot of truth of in this old proverbial advice. It’s much easier to take the right steps to prevent cybercrime happening in the first place.
Here are five simple key steps to improve cyber resilience:
● educate yourself about the threats
● consult professional IT advice
● invest in IT security software and hardware
● ensure you back up your data to guard against loss or being held to ransom
● have a plan for acting quickly if criminal activity is detected.
The most common preventative measures include:
– Anti-virus software
– Anti-spam software
– Encryption software
There are many more measures which SMEs can take beyond this.
Specialists in helping small businesses, 360ict Ltd can help you guard against the threat of cyber crime. We offer a wide range of IT services designed to keep your business IT safe and working at its best.