The threat of cyber attacks has been something a lot of businesses have ignored or didn't take seriously. After the recent hacks of Talk Talk and the famous attacks of the Anonymous group and Struxnet, businesses are finally waking up to the keyboard warriors war cry.
Statistics from the Insurance Times show that 98% of UK companies do not have cyber insurance, yet 71% of British workers are worried that data theft from their workplace is an inevitability. The threats are real enough, cybercrime annually costs global businesses around £200 billion. In 2014 60% of small businesses experienced a cyber breach with the average cost of a breach being £75,000.
Although the London cyber market totals £160 million, UK companies account for just £25 million of this. It is purely that many firms are unaware of the danger, so in their opinion they cannot justify paying another premium in what is still a difficult economy.
Companies have had Cyber protection at the back of their minds for too long, finally it seems that it has caused enough of a disturbance to some big hitters for everyone to make some changes and look to put some sort of guard up.
There are lots of ways your company can be breached and for numerous reasons. Types of hacks can vary. It could be for disruption, theft or to just play around. Sometimes smaller companies are hacked to get at larger ones as there can be back doors left open. This is evident in the second phase of the Struxnet attacks where known associated companies were infected to be carriers of the malware, then it would be transferred to the intended target through a flash drive (Read more about Struxnet here).
There are not only lots of ways for them to get in but also lots of ways for them to hurt you. The most common is through emails, 90% of attacks come through thanks to employees opening and following phishing links in emails.
A business can be attacked in numerous ways, below are the main methods of destruction.
There are many more ways in which systems can be infiltrated, find them here.
Although we will never be completely protected against cyber threats because they are constantly developing and finding new ways to sabotage and destroy systems. There are a few simple measures that you can put into place to keep the risk of being targeted to a minimum. Be a puppy sanctuary, who's going to attack a puppy sanctuary? But seriously just simple measures that will keep them at bay.
Don't access your private data or site at a Wifi hotspot. Most Wifi hotspots don't encrypt the data that is moving between users and the internet, about 95% of traffic through hotspots is unprotected. This means that your information is free to everyone that is also using that connection.
Change your password. As simple as that, don't continue to use the same password. Your first pet's name isn't good enough. A great password will have upper and lower case letters, numbers, punctuation and anything else you can remember to put in there. A strong password will make hackers' lives so much harder.
Unknown emails, just leave them alone. If you don't recognise who it is from don't open it, and if you do open it please don't open any of the attachments. This is the simplest way to protect yourself and yet it is still the most common way that companies get infected with viruses. This should be communicated to all staff as part of the induction to the business to ensure they are aware of the dangers (find more help from HMRC here.)
Directors & Officers are finding that if you do have a data breach there is more and more chance that they can be held accountable as the number of lawsuits rise as a result of successful attacks. They are exposed to breaches of duty and privacy charges as well.
There is a growing threat out there. Better to be safe and secure by protecting your business, big or small.