Cyber threats and tips

Top Cyber Threats of 2020  – Protecting South West businesses from cyber crime

With the pandemic forcing more and more people to work from home, sparking a relaxation on the use of personal devices for work purposes, businesses of all sizes have become increasingly vulnerable.

Cyber criminals took full advantage of this vulnerability straight away, knowing full well that businesses hadn’t had time to prepare their security measures for a newly formed remote workforce. Cyber crime increased and businesses were under attack.

In fact the National Cyber Security Centre recently reported that throughout 2020:

  • 2.3 million suspicious emails were forwarded to the Suspicious Email Reporting Service (SERS)
  • NCSC handled 723 security incidents (10% up on last year) and provided support to almost 1200 victims – the highest numbers since the NCSC was formed
  • They also discovered and took down 166,710 phishing URLs

Below are some of most common threats out there.

Ransomware

Put simply, Ransomware is a type of malware that encrypts a victim’s files. The attacker then demands a ransom (hence the name) from the victim to restore access to the data upon payment. Users are given instructions on how to pay a fee in order to be given the decryption key and retrieve their data from the cyber-criminal.

As well as a rise in Ransomware attacks across 2020, the NCSC also noted a significant change in the way ransomware attacks are carried out. ‘Rather than just preventing access to data, criminals are now stealing it and threatening to leak the most sensitive parts to the public.’ Even if you think you don’t hold information which is particularly sensitive, hackers are even threatening to share staff salaries or upcoming business deals and patents. However paying the ransom doesn’t always guarantee access to that data, they can repeat the threat and it can take weeks, even months to resume normal business operations.

It has never been more important to protect your business from this type of attack from both a financial point of view but also to protect your reputation too. For more information on Ransomware, download our latest e-Guide – How to Protect Your Business from Ransomware.  

Or check out ‘4 signs you are under attack from Ransomware’ if you’re ever unsure.

Internal Threats

This is not one of your employees trying to intentionally do you some harm, this is employees who are innocently clicking or downloading malicious content due to their lack of awareness or training around cyber activity. Hackers are getting really clever when it comes to making content look real and genuine, encouraging engagement. In fact internal threats have become more of a concern for business owners this year, especially as your staff are likely to be operating remotely, where you don’t get to speak to them as often like you might in the office. The good news is, it’s easy to train up your staff using affordable online cyber awareness training videos. You can make them part of your on boarding process and run them annually to keep everyone up to date.

Emotet and malware

Emotet is a type of malware that’s been around for a few years now. It’s one of the most tenacious threats out there and it’s constantly evolving. It is most successful with businesses who have weak security systems in place, as it creates a backdoor for hackers to enter and leak sensitive date from either unsecure devices or networks. The Trojan virus spreads through email mainly, but is known also to infect websites and other forms of media. The best line of defence to Emotet attacks is robust security measures, including implementing a VPN on all connections accessing the internet and file encryption.

Phishing Scams

Historically thought of as the cheapest and easiest way for hackers to access your data, these scams are actually becoming more sophisticated throughout 2020. Phishing attacks are designed to lure and pursued potential victims (mainly through the use of email) to hand over payment information, passwords, or other similar types of sensitive data. Phishing attacks also come in the form of sending the victim malicious attachments or links websites in order to infect their device.

Worryingly, these are just a few of the threats South West businesses are facing today when it comes to cyber security but the good news is, there is lots you can do to defend your business from attacks and some don’t even cost you a penny!

Top Tips

Here are our top 12 tips for keeping your business cyber safe

    1. Educate your employees with online cyber awareness training – let them be your best defence
    2. Apply for a Cyber Essentials certification
    3. Turn on Multi Factor Authentication
    4. Back up your files, regularly
    5. Keep your devices and software updated – don’t delay a software update, ever
    6. Create strong and unique passwords
    7. Switch on your firewall
    8. Implement and continuously review your business continuity plan
    9. Develop a disaster recovery plan and test it
    10. Consider cyber insurance
    11. Control how memory cards and USB drives can be used
    12. Discuss your cyber security measures with your inhouse IT team or outsourced IT Partner

If you would like to speak to one of our cyber security experts to discuss protecting your business, give us a call on 01392 796 779, email us at ask@bluegrass-group.com or chat to us live on our website.