The number of cyber attacks on UK businesses is soaring, one internet provider says.
Beaming calculated that, on average, each UK business suffered 65,000 attacks via the internet within the second three months of 2017, 52% up on the previous quarter.
This research was done by analysing attacks in real time. Obviously, this is an average and larger companies tended to suffer far more attacks than smaller businesses, but no sector was safe from them.
Most attacks concentrated on internet-enabled devices such as CCTV and building control systems, but attempts to access business databases had increased.
The figures show that, on average, every UK business suffered 105 attacks trying to take control of their databases every day. That compares with an average of 14 daily attacks in the first quarter of 2017.
In a different survey this year, a third of SME owners said they feared it was only a matter of time before their business was attacked.
The good news is that most attacks are spotted and stopped by a business’ firewall. However, it is important that whatever cyber security you use is updated regularly to combat the latest threats.
So, it’s clear that getting good cyber security measures is an essential part of running a business these days.
What are the most common forms of cyber attack?
Phishing – Sending emails with attachments or links to websites which contain a virus of a Trojan which will stay on the system and spy on activity. Although this is a relatively unsophisticated form of attack, it has proved affective and can lead to data breaches or systems being taken down because it relies on human curiosity – opening emails and attachments.
DOS attacks – Denial of service attacks are hacks which are aimed at bringing down a website or placing embarrassing material on it. They are often accompanied by a ransom demand.
Ransomware – Malware which accesses your documents and encrypts them. A ransom demand for cash is then issued.
What can you do?
Make someone responsible for overseeing your cyber security – Ensure there is a focus on this area. Failing to deal with it properly could land your business with a substantial fine, a claim for damages from clients or employees, and severely dent your reputation. Draw up the systems and policies you need to protect your business.
Train your staff – Make them aware of cyber threats such as phishing emails and the importance of regularly changing passwords. The human element is the most important one when combatting the most common forms of cyber attack. Train people not to open that dodgy email or leave information on unencrypted laptops.
Get a good online security system – Many companies use frameworks such as NIST or ISO27001 which include risk assessments, audits, policies, and controls to manage risks. Think about encryption for your devices. Don’t forget about mobile phones and flash drives.
Organise disaster recovery – Think about how your business would function if your website and internal systems were down because of an attack. Talk to cyber security experts and create a plan to recover documents and data and continue to operate. Some cyber security companies also have keys which can decrypt the code used in the most common forms of ransomware.
Get secure cloud storage – Back up your data in a secure cloud system. Don’t pay criminals a ransom to decrypt your information.
Get good cyber insurance – Talk to your broker about the level of cover that you need. The more detail you give them about your business, the more accurate the quote they can get for you. If you implement good security systems, this will help reduce your premiums. Don’t assume that you’re safe because your business is small.
Need advice on the right cyber insurance for your business? Call our expert brokers on 02920 470375.
See more about our services here.