Cyber security is a hot topic right now, especially as businesses prepare for the new GDPR which could momentously increase fines for affected companies. Research has revealed that UK SMEs were increasingly targeted by cyber criminals in 2016 – up to 230,000 times each. The volume of cyber-attacks experienced by individual businesses doubled during the year, with many threats coming from outside of the UK.
Data breaches affect companies of all sizes, but SMEs can be particularly vulnerable because they often don’t have the IT support and in-house expertise to protect against cybercrime. With the EU GDPR law coming into effect in 2018, businesses will be held more accountable than ever before if sensitive data is compromised due to negligence.
Who are the cyber criminals?
We all have an image in mind when we think of a cyber-criminal, sat behind a keyboard tricking people into revealing bank details or other private information. However, cyber threats come in all shapes and sizes. There are many large hacking groups which are run like a professional criminal organisation, doing research into easy targets and creating viruses and ransomware and performing technical hacks. However, there are also many lone hackers carrying out opportunistic cyber-attacks, preying on outdated software users or those businesses with low security.
How does a data breach happen?
There are many different forms of cyber-attack which can result in a data breach. Many people think that hackers spend hours trying to break down firewalls or guessing passwords to networks, company intranets or personal accounts – however this isn’t always the case, and you don’t have to be particularly skilful to succeed at hacking.
Phishing – this is still one of the major causes of fraud and data breaches, and requires little technical skill. A phishing email or website is basically a fake, but most of the time it looks very convincing and contains malicious links. The target will then voluntarily give away personal information, for example if they believe it is from their bank, or clicking the link will infect the computer with a virus or ransomware.
Password hacking – old school hacking allows criminals to access almost any account or network. Default passwords for hardware or smart gadgets are widely known, and weak passwords are easily guessed.
Technical hacks – Professional hackers usually use some type of software to access private files. This depends on if they want to access and use the sensitive information, or they want a pay-out. For example, cyber criminals get web users to download a malicious file which then locks all files on the computer – and then demand a ransom amount to return the data. Ransomware is sophisticated and has been used in major cyber-attacks, affecting multiple companies and organisations across the world.
Need an IT security expert to check out your current security strategy and prevent cyber-attacks? Get in touch with Pink Chalk.