‘Cybercrime’ is a growing and popular phrase that more people are becoming familiar with. Defined as “criminal activities carried out by means of computers or the Internet” cybercrime can include anything from hate crimes, to telemarketing, internet fraud, identity theft and credit card account thefts.
On a personal level, cybercrime can be devastating to an individual. A cyber-thief can hack into your accounts, gain information about you as a person, and use this to enter your bank account information or steal your identity. But imagine this on a larger scale – when a business is attacked by a cybercriminal. A cyber thief could access information from the company’s payroll department, gaining information on all the staff, all their addresses and all their bank account information. Not only this, but they could use data and information found on the company’s servers to a detrimental effect. Unsurprisingly, more and more businesses are also now feeling at risk of cybercrime.
The BBC has today (24/08/16) reported that universities and NHS trusts in England have been ‘hit hard’ by ransomware. Ransomware is a type of “computer malware which encrypts files and then demands ransom for their release”. Bournemouth University has been hit 21 times in the last 12 months by this type of cybercrime.
According to the PwC global economic crime survey, around 55% of UK firms have fallen victim to economic crime in the past two years. The fastest-growing area of fraud is cybercrime, which made 44% Britain’s economic crime – a big jump up from the previous year at 22%. More cyber thieves are hacking into company servers with ease, gaining information quickly and hiding their tracks.
How are businesses reacting?
Surprisingly, a third of companies surveyed by PwC global economic crime survey had no plans in place to fend off online fraud. This leads companies completely open to attack and staff members vulnerable. Slowly, with education, companies are beginning to understand the implications of not having security and firewall systems in place.
How is the Government reacting?
The growing concern over the rise in this kind of online crime has seen the government pledge to spend £860m on a national cyber security programme to help small and medium sized businesses be better prepared for such an attack. Additionally, former defence secretary Liam Fox has also called for legislation to be put in place to make it a legal requirement for firms to report cyber-attacks when they happen. This allows for a better crackdown on these criminals by Police investigating the cases.
What can businesses do?
- Keep systems updated – make sure all your antivirus software is up to date. If your PC tells you it needs to spend some time updating, let it. A few minutes updating your firewalls and systems now could prevent a larger attack in the future.
- Educate staff - in many instances, a cyber criminal is able to get into a company’s system through targeting an employee in the company. This is usually, although not always, completed via an email message. The email may mimic someone else in the company, fooling the person into giving out personal details, or it could ask the staff member to click on a link which puts their PC at risk and sensitive information to be accessible to the thieves. Educating staff on what to do in these instances is important. Adopt a policy of ‘if you’re not sure, don’t click’ and inform staff of any cybercrimes ‘doing the rounds’ which they could encounter themselves.
- Go to the cloud – Many businesses save money and time by using cloud services for handling their application needs and data storage. Reputable companies, like Google and Dropbox, allow staff members to store files and data virtually in the cloud, which can often be safer than purchasing your own server that is vulnerable to attack.
- Ask a professional to help you- it may seem like an expense, but hiring a professional to help you with your IT security is a great way to ensure the safety of your company’s data. Business2community.com says, “There is a good reason that large companies, such as Facebook, have created programs that reward those who investigate the security of a website. These are fondly referred to as “ethical hackers” and can help you see where any security risks may lurk in your company.” There are many professionals which can be contacted in the Yellow Pages or online that can offer a consultation for you and your company, so that you can discuss your worries and concerns for your company’s security and they can develop strategies and technologies with you to reduce the likelihood of a cyber crime on your business.
- Have a damage control procedure in place – It is important that you set out a strategy for dealing with a cyber attack so that if it happens to you, everyone knows what to do. The quicker you react, the less damage it can cause. So, for instance, you may choose to have a quick shut-down procedure in place so that all servers go offline in the event of a cyber crime. You may ask staff to change passwords on their accounts and you may even have a fraud hotline set up for customers who could be concerned with their data being leaked. By preparing now, you could minimise damage should the worst happen.
Whatever the size of your company or the industry that you work in, you’ll likely have data and information, as well as bank account details, that you won’t want getting in the wrong hands. Don’t be an online target to cyber criminals; get the right systems in place to diminish the risk of cybercrime and educate your staff well, so that they know what to look out for. Above all, don’t think you’re untouchable to such crime. It can be all too easy too think it will always happen to someone else. The modern world we live in means that this kind of crime is increasing, so we must evolve and adapt accordingly.
The following video from Sky News gives an understanding of how hackers, teenagers in particular, are targeting company websites for profit by using ‘off the shelf’ type tools.
Devitt offer a Cyber Insurance package which is arranged through CFC Underwriting, a leading provider of such products. If you would like to find out more a call a member of our Commercial team on 0845 300 4868.