Protecting against modern cyber attacks needs a layered approach to security, but many businesses fall victim because of basic mistakes.

Organisations suffered 2-3 focused attacks that breached security each month, according to the latest figures by the Accenture Security index (2017).

The cost of cybersecurity is set to rise from £66 BN in 2015 to £99 BN in 2020, and 70% of companies surveyed noted that cybersecurity was a board level concern.

IT security is high on the UK government’s agenda with the formation of the NCSC (National Cyber Security Centre) & NCA (National Crime Agency).

  1. The cyber threat to the UK business is significant & growing. Cyber crime costs UK business £1bn a year
  2. The threat is varied & adaptable
  3. The rise of poorly configured, irregularly updated internet connected devices gives attackers more opportunity
  4. The past year has been punctuated with cyber-attacks on a scale and boldness not seen before, including a bank heist where 81M dollars was stolen from Central Bangladesh Bank.
  5. The UK government is committed to making the UK a secure & resilient nation.

It’s easy to assume that large businesses and banks are the only ones at risk. While It’s true that businesses in property, law or financial services, who have access to client funds or high value transactions, are at greater risk, the real growth in cyber-crime is in the small and medium business space.

  • £1 billion lost to business from online crime (2015 – 16)
  • £2.3 billion was lost by global businesses from email fraud (2013-2015)
  • 75% cyber-crime reports to us are Friday afternoon fraud
  • £1.57 Million was paid by businesses in ransoms (2016 Q1)
  • 43% of all cyberattacks aimed at small businesses
  • 9 security breaches in 2015 featuring more than 10 million personal records being exposed.

Popular attacks against businesses include:

  1. Business disruption via Denial of Service attacks (through hacking websites or online services)
  2. Email fraud, phishing & vishing
  3. Falsified email & telephone calls
  4. Modified email
  5. Bogus firms in areas such as law
  6. Crypto Malware & Ransomware – viruses which encrypts all your files and demands a ransom.

One-fifth of British companies who had been hit by ransomware reported being charged more than £7900 to unlock their files, and 3% of the demands were in excess of £39800. However there are just as many are low figures, with one-fifth coming in at under £398, which goes some way to explaining why so many businesses pay up.

However as a business there are many precautions you can take which are inexpensive compared to the ransoms you may be demanded and the business interruption an attack may cause.

  • Improving staff awareness so they don’t open obviously malicious emails
  • Testing your backups regularly – can you actually restore from them?
  • Run Modern, regularly updated software and anti virus. (Virus & Malware Protection)
  • Web filtering & security to protect against drive-by malware hiding in plain sight
  • Securing your e-mail systems against spam, viruses and spoofed e-mails

Ask yourself, or your IT team:

  • Do you have a backup testing and monitoring strategy in place?
  • How could you raise user awareness in your team about malicious emails, & how to identify them?
  • Are you running old or out of date software?

For more information on cyber security, please talk to one of our technical advisors.