Businesses Starting To Take Note Of Cyber Crime
Cyber crime is an ever growing and evolving beast. As it continues to grow and cyber criminals become more savvy, they start to expand the sectors they attempt to infiltrate and cause as much damage as possible.
Wherever there’s a way to make quick and easy money, or a quick smash and grab for personal data, which could be used for a variety of means, a cyber criminal will more than likely exploit it.
When Beaming UK, released its data at the start of the year, it revealed that businesses were hit by over half a million cyber attacks, which shook down to one attack every 60 seconds, as cyber criminals attempted to infiltrate cyber infrastructures.
According to the ‘Cyber Security Breaches Survey 2019: UK Business and Charity Findings’, the fourth of its kind, found that businesses are starting to sit up and take notice of cybercrime, as 78% of businesses now rate it as a top priority.
With the cost of a data breach as a result of a cyber attack ranging between £3,650 – £22,700, dependent on the size of the business, it’s no wonder people are starting to take note of this ever-changing method of crime.
According to the survey, 32% of businesses identified breaches or attacks. The most common, with 80% of those asked, being phishing attacks. Domain impersonation and viruses, malware and ransomware made up the top three attacks with 28% and 27% respectively.
Worryingly, of the 32% of businesses who identified breaches or attacks, 48% of them also revealed that they identified at least one attack a month. 32% of them also revealed that they needed new measures to prevent further attacks
What is the most common cyber attack affecting businesses?
Unsurprisingly, the most common cyber attack businesses face is phishing or scam emails. It’s the most commonly used tool in the cyber criminal’s arsenal.
But what exactly is phishing?
Phishing is the term used when cyber criminals send an email to a person, claiming to be from another organisation. There is usually a link or an attachment in the email, which the ‘sender’ encourages the recipient to open or click on. These attachments/links can then trigger viruses to be downloaded onto your computer or execute a ransomware attack. Both of which can be detrimental to your business.
However, phishing doesn’t just stop there. Cyber criminals adapted their methods to target senior executives in businesses. Referred to as ‘Whaling’ or CEO fraud, the criminals ask the recipient to click on a link to view an invoice that needs urgent payment, or to click a link to update some details. Often money is sent to a criminal’s bank account, or a criminal is granted access to the organisation’s infrastructure because someone let them in, by providing them with the details in an innocuous way.
In our busy lives, people have succumbed to this tactic and followed the instructions in the email. Because it’s a tactic that works, cyber criminals continue to deploy it on a regular basis.
What can be done to protect my business from phishing emails?
46% of large and 31% of medium sized businesses have adopted minimum cyber standards, which they expect suppliers and third parties to adhere to. Although this is a slight increase from the previous year, it is still not enough.
Ensuring you have a positive cyber culture and encourage staff to feel empowered to report cyber attacks can go a long way to helping combat the problem. Small businesses found that empowering their staff has had a positive effect. Of the 31% of small businesses that identified a cyber breach/attack in the last 12 months, 63% had their most disruptive breach reported by employees as opposed to anti-virus software.
Having robust cyber policies in place which tie together employee responsibility, processes and technology (such as anti-virus software) ensure you cyber infrastructure remains secure.