Just this morning, on the national news channel, the topic of business cyber crime was discussed at length – with specific mention made of the UK’s SME market that remains continually under threat, and singling out the manufacturing sector as a current hot spot.
And today, the news echoed previous sentiments even more with the boss of the EEF, the body that represents the voice of British manufacturing in the UK and Europe, Stephen Phipson reporting that results of a recent survey within the manufacturing industry astonished, with 48% of those surveyed reporting that they have, at some time, been subject to a cyber security incident, and half of these suffered some financial loss or disruption to business as a result. That’s a huge problem – one that could put the UK’s national infrastructure at risk.
And in a recent blog post, we discussed the latest findings of business cyber attacks having been raised to 63%. The reality is that businesses need to avert their gaze from high-profile threats, and turn their “it’ll never happen to us” views inwards towards their own processes, and their own people – where examples such as good employees being passed over for promotion becoming potential vulnerabilities, for example, or worse, people being placed in a business just to steal data.
But, just what are these criminals after, and how should you be protecting yourself, and your teams, from an inevitable attack?
They want your IP
Whether they are looking to steal your trade secrets or whether they’re looking to tap into the data of all of your customers and suppliers, whatever their reason, they’re after something that you have. Industrial Espionage has a new face, and very often, this type of cybercrime comes from within your organisation – and because many organisations don’t have the adequate controls in place that monitor and control access levels to sensitive information, attacks of this nature means that the underbelly of businesses is completely exposed through seemingly-innocent workforce practices. But where things are not so innocent, intentionally malicious insiders now have unprecedented opportunities to steal from a company. “You can buy a USB stick that will download a terabyte of data or use file transfer programs like Dropbox to pull down someone else’s IP without having to hack into anything. These technologies are very effective for industrial espionage,” says Jason Straight, New York managing director for cyber investigations at Kroll.
They want your Money
Ransomware is exactly what it sounds like: a malicious piece of software that gets into your system, and threatens to perform, or restrict, a particular action, unless a ransom is paid. This could be in the form of releasing sensitive information, blocking access to critical processes, or decrypting vital documents. Usually carried out using a Trojan file, a file that is disguised as a legitimate file that the user is tricked into downloading or opening,
According to the latest Verizon report on Cybercrime for 2018, over 53,000 incidents and 2,216 confirmed data breaches have been reported so far for 2018 – a scary reality when we note that we’re only in the 4th month of the year.
They want to make a point
Anyone heard of Anonymous? Although not in it for direct financial gain, this global underground team of hackers is a decentralized international “hacktivist” group that is widely known for its various cyber attacks against several organisations, including governments and religious groups. Originating in 2003, Anonymous stated that they represented the concept of many online and offline community users simultaneously existing as an anarchic, digitized global brain. And they can do a lot of damage. Whether choosing to protest against certain viewpoints, taxation standards, copyright laws and more, this force of cyber know-how has the ability to bring most systems down – all in the name of a greater cause.
They simply want an intellectual challenge
Slightly less known, but no less a threat, this type of cyber hackers enjoys breaking into things that appear unbreakable – proving to themselves, and to the rest of the world, that they can. Not always criminally based, many organisations actually employ the use of “white hat hackers” to break into their own systems to test potential weak points, and security-risk areas. And many actually work within that organisation themselves. However, not all are in it for the force of good – and many, without even being aware. For those up and coming cyber-hackers who are up for a challenge, they simply want to see how far they can get – and although their intentions may not be to harm, their intrusion leaves systems vulnerable and susceptible to breaches.
We’re not into scaremongering. But we do tell the truth – and the figures don’t lie. One thing is clear – the SME community is in the direct line of fire for cyber attacks. And because the SME community is the powerhouse of the UK Economy, we believe in partnering with solution providers who keep SMEs protected and informed. That’s why we’ve teamed up with the Global Cyber Alliance. Read more about our partnership here.