Research from Aviva (the UK’s largest commercial insurer) shows that:
More than two in five businesses believe they are unlikely to be a target for cyber-crime.
Almost a quarter are worried but not sure what to do to protect themselves.
8% haven’t thought about the risk at all.
However, the Office for National Statistics recently revealed there were 2.5m incidents of cyber-crime just between May and August 2015.
Cyber criminals are increasingly targeting SME businesses due to the lack of security, awareness, risk management and training.
Here are just a few methods cyber criminals use:
Hacking – hacking into your system or stealing data from a mobile device.
Phishing – sending emails purporting to be from reputable companies to obtain personal information.
Pharming – directing internet users to a bogus website that looks genuine to obtain personal information.
Denial of service attack – attacking your website, preventing anyone from accessing your computers or website.
Ransomware – denying access to your files until you pay a ransom.
A business told a recent BBC Scotland phone-in how they were affected by a virus that came in via email - then received a ransom note demanding money to have access restored. They didn’t know how to sort the problem out – but decided not to pay anything to the criminals.
It took three to six months to restore everything because they hadn’t carried out regular back-ups. This meant that some information, such as invoices, was lost. They described the impact as being devastating to their business and very difficult to get over.
Simple steps you can take to prevent your business becoming a victim of cyber-crime:
Have a security process in place to promote safe practice in the workplace – don’t open suspect emails or attachments.
Make sure all data systems have passwords and change them regularly.
Keep firewalls and antivirus software active and up-to-date.
Back-up your data regularly and keep copies away from work premises.
Have an incident response plan in place in the event of a breach/cyber-attack.