Cyber crime and fraud now account for half of all crime in the UK, as reported in the latest crime figures from the Office for National Statistics, which is a 65% increase in cyber crime compared with the same period in 2019. If you look a little deeper into the numbers you can see that the 65% increase occurred during April to June this year, a clear indication that Covid 19 is having an impact. This could be down to cyber criminals taking advantage of security vulnerabilities caused by organisations moving employees to home working and the increased risks this causes.
As more and more organisations replace face to face communication with digital communication, and have employees working from home, increased transmission of sensitive data internally and externally massively increases the volume of targets for cyber fraudsters. This data is often an organisation’s biggest asset, which can carry a huge financial value, and this hasn’t gone unnoticed by the criminals. Research has found that globally:
- 64% of companies have experienced a cyber attack
- There is a malicious attack on the web averagely every 39 seconds
- 30,000 websites are hacked globally every day
- in 2019 43% of data breaches in the UK involved SMEs
SME business owners often say that their business won’t be of any interest to a cyber criminal and therefore they aren’t at risk. However, this isn’t the case anymore as the vast majority of this type of crime is not committed by an individual making a decision on who to attack. Attackers are becoming more and more sophisticated, using machine learning and artificial intelligence to automatically identify vulnerabilities in what appear to be very secure systems and then automate attacks. So all organisations are targets, including SMEs. In fact organisations with up to 250 employees have the highest rate of targeted malicious emails.
There was an interesting article written back in January 2019 by about the approach of automated cyber attacks and the types of attacks to expect, and you’ve guessed it, yes they are here! Naveen wrote about:
- Credential Stuffing – using stolen passwords to access multiple user accounts
- Badbots – using malicious bots to create and take over user accounts
- Malware – identify loopholes in system security and launch automated cyber attacks
- Spear-phishing – machine learning used to train systems using publicly available data to develop convincing emails for phishing attacks.
Thankfully security software providers are exceptionally good at keeping one step ahead of the cyber criminals, so all SMEs should have comprehensive security software installed on servers and devices. This includes devices being used by employees working remotely or at home. But it isn’t all about the security software, a company’s biggest risk to cyber security is their own employees. A study by IBM in 2019 found that 95% of cyber security breaches were down to human error. Of course we can all make mistakes and click on that link in an email that looks as if it’s genuine, but this risk can be greatly reduced with staff training in Cyber and Information Security.
Unfortunately, cyber crime is not at top of many SMEs concerns at the moment, as there are so many distractions such as the Covid pandemic and Brexit. SMEs often don’t have the sophisticated security systems in place that the large businesses do. It is likely that they don’t have a dedicated team, or in the smaller SMEs even a dedicated person, with responsibility for cyber security. Automated cyber attacks will home in on the weaknesses in any system security, meaning that if an SMEs systems aren’t fully secure or staff are not adequately trained in identifying and the avoiding risks, they will be an easy target. Head of Forensic and Counter Fraud Services, Jim Gee, said that in the last 3 months there has been a 344% surge in organisations suffering a cyber attack. So security systems and staff training are something that SMEs definitely need to prioritise. The impact of a cyber attack can be a huge expense, a detrimental impact on reputation and even put an SME out of business.
The multi award winning eLearning Marketplace is the UK’s largest provider of immediate access online training with customers in over 50 countries. Courses range from compliance and professional development to vocational qualifications up to Level 7. We work with subject matter experts and large e-learning publishers to bring our customers a unique catalogue of over 2500 online courses with a price match guarantee. Customers have free private use of cloud based software to track, manage and evidence staff training, allocate licences to users and run sophisticated reporting.
Not all courses are on the website so if you can’t find what you are looking for please do get in touch: 0844 854 9218