So much of modern work is now done on personal computers, smartphones and tablets, and while we embrace the advances in technology and the ease with which tasks can be completed, it’s easy to forget that technology brings its own risks too.
In the last three years there’s been lots of news about data breaches affecting large companies, but the reality is that just about anybody can be targeted by a cybercriminal.
Research from the Federation of Small Businesses (FSB) shows that a staggering seven million cybercrimes are committed against smaller businesses in the UK every year – that’s 19,000 a day. On average, a cybercrime incident costs a small business victim almost £3,000 in damages, and it can take over two days for the business to be back up and running.
Cybercriminals and how they operate
Cybercriminals are foremost concerned with increasing their financial gain. They seek to do this by stealing private financial information, personal details and account login credentials, so that they can go on to commit fraud, data theft or extortion.
This can include anything from stealing a customer’s information to commit identity fraud with other services, to selling stolen credit card numbers or account profiles on the dark web for cash.
But some hackers are playing for higher stakes – if they can infiltrate a company and trick employees into thinking that a fake email comes from an actual customer, supplier, business service or a superior, then there’s a chance they can trick employees into sending huge amounts of funds to a bank account owned by the cybercriminal.
Malware, DDoS attacks and phishing emails
There are several methods cybercriminals use to attack businesses:
How to protect your business
You don’t have to wait for the bad guys to come calling – there is a lot that businesses can do to avoid becoming victims.
Here are some tips that all small businesses should follow, as recommended by the National Cyber Security Centre and FSB Cyber Protection advice line:
A good pointer to remember is: Are you expecting an email from someone? If an invoice comes through from a supplier for a service that you haven’t had, it’s probably a scam. It’s also a good idea to look at the email address that the email orginated from – is it the same domain as the service you use?
And in particular, if an email is ever sent to the finance department requesting a transfer of funds, the employees concerned should always check in person with the superior who sent them the email.
FSB members have access to a data and cyber advice line run by cyber security experts, along with basic cyber insurance of up to £10,000 cover for third party claims - covering legal liability for damages and costs following a claim brought against them for a cyber attack, data breach or e-media issues such as libel, slander and defamation.
FSB Cyber Protection includes an insurance policy with cover of up to £10,000 and an unlimited use helpline to answer all your Cyber Security questions.