In the first quarter of 2017, the number of data breaches was 39% higher than the same period of 2016. This shows that cyber crime and hacking is an ever-expanding risk to businesses.
How easy is it to hack a business? How do criminals get into your systems and steal your data?
There are many methods hackers continue to use and evolve to get past security and break into your system.
- Ransomware: criminals get access to your IT infrastructure through, for example, sending an email with a link that is clicked on. They then hold your systems to ransom until you pay.
- Wi-Fi hacking: there are over 200,000 videos available on the net that show anyone how to hack WiFi, some using common and legitimate tools. Cracking your WiFi, gives the hacker access to your online activity – even your banking, 60% of banking is now done online; this is a 100% increase since 2006. The year on year trend for increased online banking would suggest that within the decade almost all banking will be online. Cyber security is going to play an increasingly important role both at home and at work.
- E-cigarettes: using computers USB port to charge e-cigarettes. A simple everyday task, which can become a deadly enemy. With only a small modification, these devices can access your data on your computer system as soon as they connect – even on a locked system, this type of hacking is sometimes known as ‘PoisonTap’. To avoid this risk implement stringent rules regarding the use of business hardware for personal use.
- Social hacking: Criminals hacking your personal and social accounts to collect data, which they can then use against you. They can then obtain passwords or information about where you are a customer, which they then use to ‘legitimately’ gain access to further information about you and start building up a profile on you. The more information they have on you personally the more able they are to hack more secure sites such as your business or banking accounts. Some of the more common techniques social hackers use to gain access to you details include:
- Pretexting: hacker contacting you with a seemingly legitimate purpose.
- Diversion: when the hacker intercepts and diverts your activity e.g. by adding a cc in an email, or diverting a payment to another account in a supplier change situation.
- Baiting: offering you something that is too good to be true – a freebie – that comes free with a link to a malware installation, which launches as soon as you click the link.
What size of business are most at risk?
It is a commonly held belief that only larger companies are at risk of hacking, as they have more to steal. Yes, the larger companies have been victims of this type of attack: Google, Debenhams, and the NHS to name a few. However, smaller organisations are as likely – and potentially a lot easier – to target. Small businesses actually make up about half of those businesses who suffer attacks – they just don’t make headlines. So why are they at risk?
- Lack of IT security: small businesses may not have the capital or an IT department to keep up to date with IT security, especially with its ever-changing nature.
- Cost to hack: because of the ease of access, the cost to hacking a smaller company is vastly smaller than that of a larger company. Less skill, less technology and less links in the chain to successfully hack a business. Despite the rewards being less than a “big business” hack, the effort required is low so would be an “easy win” for a hacker.
- You have what they need: Small/medium businesses still have the data and assets that hackers want – credit card information, client details and a need to keep doing business.
Any size business is a great target, and therefore you need to ensure you are aware of your weak spots. Anticipating the risk is half the battle, so prepare.
Did you like this blog? Sign up to our newsletter for regular updates.
Number of data breaches rises by 39%