The risks to your business

Facebook
Twitter
LinkedIn

It’s an unwelcome fact, but cyber-attacks are on the increase. The methods used by cyber criminals are becoming increasingly sophisticated too, with ransomware, phishing and password breaches all high on the agenda. Stay cyber-smart, by being aware of some of the biggest threats to your business…

Phishing

Most of us have experienced phishing at some point, and 70% of IT professionals have seen an increase in attacks on their organisations since the start of the pandemic. According to Sophos, no industry is spared, with business and professional services experiencing a 76% hike.

Phishing can take different forms, but the classic format involves a seemingly-genuine email from a fraudster, posing as an individual or organisation. The aim is to con the user into revealing sensitive information, or click on a link that will then install malware. Sadly, cyber fraudsters are adept at exploiting world events, like the pandemic and the cost-of-living crisis.

Phishing emails can also range from relatively indiscriminate mass campaigns to targeted attacks. These can be incredibly sophisticated and believable, even using information about your business or staff to create a convincing con.

Ransomware

We’ve all heard of ransomware – a malware that makes it impossible for victims to access their systems – but did you know it’s the fastest-growing cyber threat to businesses? In fact, a recent report found that UK organisations suffer the third highest rate of attack globally, while research suggests that 66% of organisations were hit by ransomware in the last year.

Hackers often plant malware via phishing emails, or by taking advantage of cyber security loopholes or unpatched software. Then, once a ransomware attack has taken place, cyber criminals demand money for the return of data. And while some businesses refuse to pay up, research puts the average ransom payment at US$812,360. Of course, businesses can also face catastrophic disruption until data and systems are restored, which impacts on revenue.

Secure data backups are an essential method of protection, but this needs to be combined with rigorous cyber security controls, solid IT security practices and user education. For more information, contact the Business Cyber Centre team for a free consultation here.

Malware

Ransomware often dominates the headlines, but it isn’t the only type of malware (malicious software). Other forms include viruses and spyware, which enable hackers to infiltrate and compromise systems. They can then steal anything from financial data to private records and personal information, like usernames and passwords.

Antimalware software is an essential line of defence against malware, as is user training. For example, staff need to understand the potentially hazardous implications of downloading files from dubious sources. These may be infected by viruses, which rapidly spread and cause damage. Likewise, trojan apps imitate legitimate applications and, once downloaded, can steal data, spy on user activities and cause device problems.

Compromised passwords

Passwords can all too easily pose a cyber security hazard. Hackers have powerful systems at their fingertips, which enable them to guess thousands of passwords until they have a hit. They use a technique known as “password spraying,” where they test a series of known passwords until they strike lucky. Once they have gained access to the system, then can cause chaos.

While robust cyber security protection is essential, employees need to be educated in password security too. Research suggests that around 82% of data breaches involve a human element, with one in eight employees using personal passwords at work. This of course puts your system at higher risk.

Find out how your business can become more cyber confident, with a free 30-minute consultation. To book, contact the Business Cyber Centre team here.

Recommended

At the end of November, the UK government introduced their new, updated Product Security and Telecommunications Infrastructure Bill (PTSI).
Cyber Essentials is a government-backed, industry-supported scheme to help organisations protect themselves against common online threats!
A guide to start by taking cybersecurity seriously.
Paddy Bradley MBE talks about his responsibility in ensuring that the Business Cyber Centre (BCC) is a success.