don't be a victim of cyber-crime in 2019

The last few years has taught us that cyber-crime is not a subject that can be ignored.  From simple email ‘phishing’ fraud to large-scale data thefts from the biggest companies, it can affect anyone.

The idea of using the internet to commit a crime is not new; however the problem continues to grow as more people are becoming increasingly reliant on the internet for making purchases and storing personal information.

In fact, did you know it has been reported that in proportion to the total number of crimes, cyber-crime now accounts for more than 50% of all crimes in the UK (National Crime Agency)?

This statistics seem worrying, right? But what exactly do we mean by cyber-crime?

What exactly is cyber-crime?

Cyber-crime, or computer-oriented crime, is crime that involves a computer and a network. So-called ‘cyber-criminals’ may use computer technology to access personal information, business trade secrets or use the internet for exploitative or malicious purposes. Common types of cyber-crime include online bank theft, identity theft, online predatory crimes and unauthorised computer access and denial of services. More serious crimes like cyber terrorism are also of significant concern.

To help prevent you from becoming a victim of cyber related attacks in 2019 (and beyond!), we have put together some helpful tips and guidance to help you stay safe online and protect your server.

So what can you do to avoid being a victim?

Prevention is always better than cure so, as a bare minimum, you should have all or most of the following in place:

  • Implement security policies on your server(s). This means having a firewall in place and all PCs should have anti-virus software enabled.  Windows 10 comes with built-in anti-virus, for example.
  • Educate staff so that they know they should not open emails with attachments from unknown sources (this is the most common source of ‘ransomware’ attacks – a particularly nasty form of cyber-crime). Employees should also be trained on how to spot attacks. If you fail to train your employees to be aware of potential security threats, you may be inviting big trouble ahead. 
  • Use strong passwords.  Your passwords should ideally be reasonably long and and use symbols and numbers. Use a different password for each account and use a password manager. Being smart with passwords can also help prevent unauthorised access to devices and networks.
  • Make sure all data is regularly backed-up to a secure site. The more layers of backup you have in place, the better your data and business are protected and the less exposed you will be to business disruption.
  • Have a cyber-attack response plan in place. Develop an appropriate cyber-security response capability which will enable you to adopt a systematic, structured approach to cyber-security incidents, including selection and management of external suppliers. 

It is also important to know what what to do if you do become a victim. After all, cyber attacks are one of the biggest security threats that companies face, but one that many are not prepared for.

What should you do when you are attacked?

  • Don’t be in denial – be open and honest about what security breach(es) have occurred if it affects your customers. This may include owning up to an error on the company’s behalf; don’t sacrifice the integrity of the company to try and cover up a genuine mistake. 
  • Do inform your customers – customers should be quickly informed, especially those whose data has been compromised.
  • Don’t pay ransoms!  Generally, you should not agree to payment.  There is no guarantee you will get your data back and you are in effect rewarding criminals.
  • Investigate the source of the breach and fix it! Ensure the error/ breach will not happen again.
  • Recover systems, data and connectivity.
  • Be proactive and reflective. Improve any processes that enabled the breach, gain experience and be prepared for next time.

If you have any concerns about your security policies or would like some advice and guidance on cyber-security, please don’t hesitate to pick up the phone and contact us. We are always happy to help – 0161 464 6101.

 

 

Rachel Waters

Rachel Waters

Communications Manager