The Business Exchange Bath & Somerset Issue 5: Autumn 2017 | Page 23

TECHNOLOGY Are cyber attacks really on the increase? by Ian Sandham, Branch Director, for Bluefin in Bath In the first quarter of 2017, data breaches were 39% higher 0 than the same period in 2016. Cyber security is improving; hackers see that as a challenge and evolve their techniques. How has cyber crime evolved? Are Small Businesses at risk? For more information visit: • Wi-Fi: there are over 200,000 1 videos available online that show how to hack WiFi, some using legitimate tools. Cracking WiFi provides access to online activity including banking and email. 60% of banking 2 is now done online; this is a 100% increase since 2006. Small businesses are victims to about half 5 of cyber attacks. 0. www.itgovernance.co.uk/blog/number-of-data-breaches-rises- by-39/ • E-cigarettes: using a computer’s USB port to charge e-cigarettes. With small modifications these devices can access data as soon as they connect. To avoid this implement stringent rules regarding the use of business hardware for personal use. Also known as ‘PoisonTap’ 3 . • Cost to hack: because of the ease of access, lower skill and less technology is needed. The cost and effort required is low so an “easy win” for a hacker. • Social hacking 4 : Criminals hack personal and social accounts to collect data. Using the hacked account they research online activity to obtain more passwords. They then build a fraudulent profile. Techniques include: What is the real cost of a cyber attack? • Pretexting: hacker makes contact with a seemingly legitimate purpose. What makes them a target? • Lack of IT security: no capital or expertise to keep up to date. • Data has value: SMEs have the data that hackers want - credit card information, client details and a need to keep trading. In a report issued in 2016 the average cost per compromised record was calculated to be £104 6 . Multiply that by hundreds of records and the cost of a breach can be overwhelming. • Diversion: when the hacker intercepts and diverts your activity. What can be done to prevent or recover from a cyber attack? • Baiting: offering you something that is too good to be true that is linked to a malware installation. Consider outsourcing your IT security and make sure your insurance covers a cyber breach so that recovery is swift. 1. www2.idexpertscorp.com/knowledge-center//single/data- breaches-made-easy 2. www.statista.com/statistics/286273/internet-banking-penetration- in-great-britain/ 3. www.news.sky.com/story/e-cigarettes-can-be-used-to-hack- computers-10908333 4. www.intego.com/mac-security-blog/social-hacking/ 5. www.webbfg.com/small-businesses-likely-hacked/ 6. The Ponemon Institute Cost of Data Breach Study: Global Analysis 2015 For more info: www.bluefingroup.co.uk [email protected] 01225 444553 What IT firm Systemagic are doing to ensure their clients are one step closer to compliance. Is your business GDPR ready? Bradford-on-Avon based IT support firm Systemagic have defined exactly what they will be doing to help bring their clients significantly closer to being fully GDPR compliant (General Data Protection Regulation) before the regulation is introduced next May. • • • • • Firewalls Secure Configuration User Access Control Malware Protection Patch Management The majority of businesses should have all of these key elements put in place as part of general good business practice. For James and his team it’s a case of reviewing what measures are in place for their customer base, documenting them and reviewing regularly to ensure that everything is working and running efficiently. If you are concerned ab