To tie in with International Cyber Security Month, which launches on the 1st of October, we wanted to take a closer look at the growing trend of cyberattacks and how businesses can look to build resilience and protect themselves online.
In the last 12 months, we know that 39% of UK businesses have identified cyber attacks, with ,31% of businesses estimating they were attacked at least once a week. When looking at businesses that face loss of money or data, the average estimated cost of all cyber attacks in the last 12 months was £4,200. But when you look just at medium and large businesses; the figure rises to £19,400.
The most common threat is where targets are contacted by email, telephone (vishing) or text message (smishing) by an attacker who poses as a legitimate company/organisation - NHS, Amazon, Post Office, HMRC or similar. Their intention is then to lure individuals into providing sensitive data such as personally identifiable information, banking and credit card details or passwords.
https://video.wixstatic.com/undefinedAt the Cyber Resilience Centre, we can run a ,Simulated Phishing Exercise, which helps to raise your staff's awareness of phishing emails and guards your business against the growing trend of social-engineering threats. By training your employees about what a phishing attack looks like, they are more likely to identify and report scams.
Ransomware is a type of malicious software (malware) that prevents a user from accessing a computer or the data that is stored on it.
The computer itself may become locked, or the data on it might be stolen, deleted or encrypted. Some ransomware will also try to spread to other machines including any backup storage devices connected to the network.
Ransomware attacks are typically carried out using malware disguised as a legitimate file that the user is tricked into downloading or opening when it arrives as an email attachment. A popup message or note is left on the computer asking for a payment to be made to regain access to the data.
https://video.wixstatic.com/undefinedBusiness email compromise (BEC) is a form of phishing attack where a criminal attempts to trick a senior executive (or budget holder) into transferring funds or revealing sensitive information.
The criminals behind BEC send convincing-looking emails that might request unusual payments or contain links to 'dodgy' websites. Some emails may contain viruses disguised as harmless attachments, which are activated when opened.
Unlike standard phishing emails that are sent out indiscriminately to millions of people, BEC attacks are crafted to appeal to specific individuals and can be even harder to detect. BEC is a threat to all organisations of all sizes and across all sectors, including non-profit organisations and charities.
Whether it's your email, social media or some other type of online service, many things can alert you to the fact that someone else is accessing your account.
Being locked out of the account is an obvious indication that something has gone wrong, but the signs can be more subtle. Things to look out for include logins or attempted logins from strange locations or at unusual times. Changes to your security settings and messages sent from your account that you don't recognise are also indications.
This type of threat whereby cybercriminals sabotage and exploit victims often through Instagram and Facebook, causing damage to their online profile. Being locked out of the account is an obvious indication that something has gone wrong, but the signs can be more subtle. Things to look out for include logins or attempted logins from strange locations or at unusual times. Changes to your security settings and messages sent from your account that you don't recognise are also giveaways.
Putting these simple measures in place is a great place to start planning or re-evaluating your current security strategy. We provide guidance, tools and assistance with our ,free-of-charge membership, join us today!
Click to Open Code Editor