Scarily clever crime
The government has just released the findings of its recent study probing the murky world of cybercrime.
According to the new figures, cybercrime is costing the UK economy £27bn a year. Worst hit are UK businesses, losing out on around £21bn a year, though UK citizens and the government itself have also been affected.
But what is cybercrime?
Cybercrime refers to illegal activities which make use of weaknesses in online systems to make a financial profit. This includes things such as identity theft and theft of confidential information, as well as fraud, phishing and spam.
While these types of cybercrime commonly target individuals, businesses are being targeted in a very different way. The government's results show that the most common type of business cybercrime is intellectual property theft – this alone costs the UK an unsavoury £9.2bn a year. Industries most affected by intellectual property theft are pharmaceutical and biotech companies, as well as electronics and electrical equipment companies.
Attacks happen every day, to pretty much anyone. Here's a timeline of September's cyber attacks so far.
The second nastiest type of cybercrime affecting UK businesses is industrial espionage. This involves unscrupulous companies obtaining details of a competitor's research and development projects in order to outstrip them with their own technology. Worst affected is the financial services industry; industrial espionage sets them back £2bn a year.
What’s being done to stop cybercrime?
The government's survey has provided a detailed picture of how cybercrime works in the UK, greatly helping experts to figure out the best ways to wipe it out and limit its damage.
The EU has announced new laws designed to limit the damage of cybercrime. This will work by making rules that businesses must follow in order to protect their customers' information. Organisations will have to tell authorities about possible data breaches within one day, as well as being legally obliged to hire a data protection officer if the company has more than 250 employees.
In order to enforce the new rules, the EU has stated that companies that breach these terms will be forced to pay a fine of 0.5% of their global annual income. However, if a company is to blame for a serious violation of online security rules, they may be fined a whopping 2% of their yearly turnover.
For many small businesses, this may be a bit of a double edged sword: it’s great that the EU is encouraging cyber-safety, but if a company doesn’t quite manage to follow the new rules, a fine of 0.5% of their profits could be seriously damaging. And that’s after they’ve already lost money and professional integrity as a result of a cyberattack: nothing like kicking a small business when they’re down.
How can I protect my business against cybercrime?
Clearly, cybercrime is a threat to be taken seriously. Considering that the EU’s penalties for being a victim of cybercrime could be as potentially destructive as the attack itself, small businesses can’t afford not to up their security levels. Here are a few simple yet effective ways to help businesses arm themselves against cybercrime and other online nasties.
- Passwords: It may sound simple, but having a strong password on your computer and other online accounts can go a long way in protecting against cybercrime. Never use a date of birth or other personal information as this is too easy to guess, and try and make passwords at least eight characters long with a mixture of letters, numbers, and symbols. And don't just use the same password for everything.
- Helpful software: To avoid viruses which could compromise the security of confidential information, make sure all computers are protected with anti-virus and anti-spyware software. Never click any links in an email which seems odd or suspicious, even if they come from a trusted source, such as a close friend; it could be that their own account has been hacked.
- Avoiding dodgy areas: Visiting 'unsafe' sites drastically increases the chances of being struck by cybercrime; stay away from any sites which promote hacking or scams. It's worth installing site advisor software, this works by flagging up unsecure sites before they are even visited, helping to protect from nasty viruses which might be picked up there. Importantly, don't click on any adverts which are not from a trusted source, as these can often contain viruses or install hacking software, such as a keystroke logger, which can record confidential information entered online.
- Common sense: Never provide any log-in details to a site which doesn't have the green security bar (the space where the web address appears should be coloured green with a small icon of a padlock). Hackers can make detailed copies of a website's log-in portal in order to trick people into entering their details. Likewise, never enter log-in details to any site which appears as a pop-up; go to the site directly to access it. Remember that reputable and trustworthy companies will never ask for personal details via email, this is a scam known as phishing. Even if the email looks legitimate, contact the company directly.
- Insurance: Cyber insurance is another way small businesses can defend themselves from cybercrime. It can protect against virus damage, fraud, hackers and intellectual property theft. If a business’s system stops working due to cybercrime, cyber liability insurance can pay for the cost of repairs as well as providing temporary equipment if necessary. It can also pay compensation to a business’s customers if their details are leaked or stolen by hackers.
Although cybercrime is one of the biggest dangers to small businesses, it is possible to protect against it with nothing more than a bit of common sense and a few clever products, whether they be anti-virus software or cyber liability insurance.
Just stay alert when entering personal information online, and if something looks dodgy, stay well away from it.cyber liability insurancemanaging riskrunning a business