Cybercrime – you can’t be too careful

Caroline Williams ENGANL00120131017110042

Caroline Williams ENGANL00120131017110042

0
Have your say

Cybercrime – something that only a short while ago was science fiction, when it was the sort of story that made for blockbuster screenplays in which evil geniuses manipulated computer data to destroy big businesses.

Now, it’s a threat to companies of all shapes and sizes – and it’s getting worse.

Last year British businesses lost a £1billion to cybercrime, and that was a 22 per cent increase over the previous year. Police forces across the UK recorded an average of of £19.5 million total loss by businesses in their areas, so if Norfolk was no more than average, it was serious. And if you want some more figures, 65 per cent of large firms detected a cyber security breach or attack in the last year; 25 per cent of them experience a breach at least once a month – and yet only 51 per cent of them have taken any of the recommended actions to identify cyber risk.

It would seem then that we’re all getting better at using the technology, but not necessarily improving our precautions against the criminals who abuse it. Why? Because the employees of most corporate victims have low levels of knowledge and poor security practices. Even the early adopters of the digital world have been rather more tardy in sorting themselves out. Only 25 per cent of the companies attacked have formal written cyber security policies, and just 10 per cent have any formal incident management plan. So what does cybercrime look like? In truth there are so many variants that it would take more space than I have to list them. But, here are some of the ways in which businesses, of all types, have been hit.

High on the list of scams is mandate fraud. On the face of it it’s simple. Fraudsters get staff to change direct debits or standing orders, usually by pretending to be a supplier. It’s a highly targeted practice and it’s increased by 66 per cent in a year!

Also increasing rapidly is CEO fraud, sometimes called a whaling attack. It’s usually email based and works by tricking an employee into making a transfer or payment by convincing them that the instruction has come from a senior director.

We all rely on technology more than ever. Make sure you’re up to speed, because you can’t be too careful.