Is Hacking On The Rise?

Over the past year or so there appears to have been an increased focus from cyber-criminals in targeting small and mid sized businesses.

Speak to one of our IT experts: 0333 323 2141

Speak to an Expert

Please complete your details in our simple form and an expert from the Frontline team will be in touch to discuss your business needs.

Is Hacking On The Rise?

At Frontline we get queries almost every other week about a suspicious email or unusual message popping up on one of our customer’s computers or networks. In addition to this, our own staff have started to report an increase in suspicious emails.

This blog takes a look at recent reports in what appears to be a significant rise in cyber-criminal activity targeting businesses and more specifically, individuals within the organisation.

Over the past year or so there appears to have been an increased focus from cyber-criminals in targeting small and mid sized businesses.

Toni Allen, UK Head of Client Proposition at the British Standards Institute (BSI) has said “SMEs have not historically been the target of cyber crime but in 2015 something drastically changed.”

This statement is backed up by a recent survey from Harvey Nash who state that 36% of UK businesses have been victim to at least one security incident in 2015 with the number of SMEs being targeted almost doubling. The latest Government Security Breaches Survey shows that 75% of larger businesses and 30% of small businesses have suffered staff related breaches.

This issue of security hacks and breaches is highlighted further by the EU’s upcoming General Data Protection Regulation which could result in companies being fined up to €20m or 4% of their annual turnover for allowing security breaches to compromise their customer data.

Types of Hacks

There are many forms in which an attack can manifest itself including-
  • Ransomware – a piece of malicious software encrypts all of the data on your company’s network and then the offenders request a ransom in order to ‘release’ the data.
  • Hack attack – a hacker gains access to your company’s network via a vulnerability within the software which allows them to access the company data.
  • Denial of Service attack – a company’s website is inundated with traffic
  • Human error – often a company’s employees are the weakest link, although not necessarily intentionally.  A significant amount of reported data breaches are the result of information being lost or distributed to the wrong person by employees.
There have been some high profile cases recently which have resulted in heavy losses where a criminal poses as a senior figure within an organisation by spoofing an email account and convincing a member of staff to make a payment to a third party.

What Can Your Business Do?

There are a number of government backed awareness campaigns that highlight some pretty fundamental actions that you can put in place including the Cyber Essentials Scheme and Cyber Streetwise.
When discussing the specific cases involving third parties posing as senior members of staff, Frontline’s Technical Services Consultant, Dave Tarbatt states- “Access to company’s e-mail might be the enabler in these scams, but the final action is good old fashioned social engineering where the target company’s employee(s) are duped in to thinking that the fund transfer requests are coming from an ‘authorised’ source.
It is the company’s own validation policies and procedures that need to be improved, i.e. phone up the person you believe is requesting the transfer and verify it directly with them. Don’t just believe the e-mail.
Electronically signing (DKIM) and/or encrypting e-mails might help, but would not fix the problem as the weak point in this scam is human gullibility.”

How Can Frontline Help?

The majority of your business’s computer network information will either be critical and/or sensitive in nature.
Ensuring that this data is protected is of the utmost importance. But how can you achieve that objective if you are not sure whether the corporate network is secure in the first place?
This is where Frontline can help.
We will design a tailored package to meet your business’s specific security needs and requirements. Checks can be made against almost any part of your business including-
  • Software – Operating systems / Applications / etc
  • Hardware – Firewalls / Switches / Servers / etc
  • Security Policy / Procedures – Review and/or create security policy documents for your internal and external use
Speak to Frontline today to see how we could help review and improve your company’s security policy and procedures to mitigate potential losses.

Tags:
Cyber Crime, Data Breach, Hackers, Security, SME,