Lately there isn’t a day that goes by without hearing about a cyber-attack this could be the 500million Yahoo accounts being hacked, Sony emails being accessed or Lloyds customers not being able to access their accounts. Cyber criminals are not just targeting big corporate business they are just as likely to target small/medium sized business (SMEs) this is due to them having less security in place and making it easier for hackers.
A New Threat
The most common cybercrime affecting companies at the moment is “ransomware”. One way to know if your systems have being hacked is when you turn on your computer and a message appears saying “All your files have been encrypted”. This often means that your accounts, emails and any other data sensitive information being stored on your computer has been scrambled making it unreadable. To get your files back usually requires an unbreakable code only known by the hackers and they will only release this to you if you pay them which can range from £100-£500 per victim.
Hackers will need your permission to install software on to your computer and trick you into giving it, sometimes without you even knowing. An example of this is you receive an email with an Excel/Word/ZIP file attached made to look like an invoice, customer documents, quote request etc. If you then go on to open the attachment you have then just given your permission for the hackers to install malware on to your computer. The attachment will contain a program called a “macro” which are used in common business software like Excel which allow you automate repetitive tasks. However in this scenario they can also be used to download malicious software from the web.
The police policy is not to pay the ransom as every time a hacker is paid it builds their confidence in the profitability of the cyber-crime which will lead to the creation of more ransomware. On the other hand (though not everyone agrees) cyber security BitDefender found that 44% of UK business paid up rather than losing their important files, also an FBI agent told a conference last year that despite official advice it was better to pay.
What Can You Do?
There are ways to make sure that you are protected if you were hacked , such as backing up your data regularly to avoid paying ransom charges but do not leave the backup connected to your computer when you are finished as hackers can encrypt that too. Also be cynical when you receive emails as yourself; are they from a trusted source? Are you expecting it? If you are unsure do not open the attachment on the email to check call the person who sent it to confirm it was them. Use reliable internet security, conduct regular scans and always update your software this is because it is usually to patch up security weaknesses. Java and Adobe Flash are two of the main culprits for people not updating software and cyber criminals use this in order to hack your systems.
Despite potential risk that cyberattacks pose around 45% of SMEs still do not have a cyber breach response plan and only 7% of SMEs have cyber insurance according to industry research. According Juniper Research, who are market specialist, 27% of SMEs believe that they are too small to be of any interest to cyber attackers. Small business are more at risk as they have lower security levels and handle secure information such as booking systems, employee and customer data etc. So in a small business it is important to make sure those managers and staff understand and recognise the dangers of cyber-criminal activity and educate those involved in cyber security and have a data breach plan in place.