‘About 80% of known attacks would be defeated by embedding basic information security practices for your people, processes and technology’ – Sir Iain Lobban, Director GCHQ, 2014.
According to a Barclaycard SME survey in 2016, 48% of small businesses in the UK were targeted by cyber criminals in the previous 12 months, and 10% of these on multiple occasions.* Ransomware, unlawful network intrusion, phishing, spear phishing and fraud through social engineering are all rapidly increasing across the South West, including the South Hams, according to the South West Regional Cyber Crime Unit (RCCU).
What to do? Complacency and an ostrich mentality are no longer options if you want to keep your business and, by association, your customers safe. Cyber attacks cost businesses time, money and reputation and in today’s fragile economic climate many would struggle to recover from a sustained attack. Here are our top four tips to staying safe:
#1 Protect yourself from hacking
Use a firewall, encrypt sensitive data and keep software updated. Under half of people in the South West download the latest software and app updates as soon as they appear*, and this is important because software developers are constantly developing ‘patches’ to reinforce software applications as soon as vulnerabilities to hackers are uncovered.
#2 Create strong passwords
Under 30% of people in the South West follow the latest advice on making passwords stronger*. Criminals use the latest computerised password generators to break passwords so don’t make it easy for them. Avoid dictionary words and personal information, use numbers, characters and random word phrases instead, and use different passwords for different accounts.
#3 Protect yourself from malware
Malware comes in a variety of forms – spyware, ransomware, viruses and worms – and is transmitted via infected or malicious webpages, email attachments including PDFs and Word documents, and links in emails and on social media. Only click on or open what you know you can trust and avoid connection to suspect external devices like mobile phones and USB drives. Back up data regularly, use a reputable firewall and anti-virus software at all times.
#4 Get smart about social engineering
This is a rising trend as cyber crooks become more cunning and resourceful in exploiting you for data and, ultimately, money. Techniques include: Phishing (check the addresses of official-looking emails carefully for authenticity and don’t comply with any requests to supply personal information); spear phishing (a more direct form of phishing where the email appears to come from someone you know and prompted by information gained from social media sites); payment fraud (another form of spear phishing directed at accounts departments often requesting changes to account details for payments.
All of these are made easier for the criminals by data leakage, much of it from social media sites. Be wary of what you post online, search the internet to see what data is available about you, keep business and personal information separate, keep security settings high on social media sites and be wary of who wants to follow or friend you – do you really know who or what they are?
Yes, it’s a scary world out there but these simple precautions could save you a lot of anguish and are relatively simple and inexpensive to implement. With cyber crime on the rise, it truly is better to be safe than sorry.
*The South West RCCU recognises the importance that SMEs play in our rural economies and, with permission from the Metropolitan Police Service’s FALCON Protect Team, have reproduced a useful booklet, ‘The Little Book of Cyber Scams’, available as a PDF below. Happy reading.