Daisy Group security expert warns companies to buck up their ideas
British businesses’ cybersecurity provisions are so lax that more than half of them could be hacked in less than an hour, according to a leading data security specialist.
Despite many several high-profile hacking attacks in recent months, Walter Rossi from IT service provider Daisy Group has warned that the majority of businesses are simply not prepared for cybersecurity attacks and have little protection against it.
The most common techniques used by hackers include Distributed Denial of Service (DDoS) attacks, which involve programmes that paralyse a business’s system by overloading them with traffic, or those that secretly obtain information such as commercially sensitive information or bank details.
However the rate of ‘cyber extortion’ attacks are also growing, as DDoS hackers take down a company’s online services or website and then issue a ransom demand to release the files or site.
“Attacks on small and medium-sized businesses are remarkably common as their security tends to be less sophisticated, making them easy prey,” says Rossi. “They are usually targeted by those aiming to steal their customers’ bank details, blackmail them, or to use them as a ‘back door’ to get into larger organisations.”
“There is no perfect solution and even companies with some of the most sophisticated systems in the world can fall victim to hackers, however, investing in a good, up-to-date security system, which is regularly updated and built to withstand viruses and DDoS, will ward off most attacks. It also doesn’t need to be expensive.
“Ideally, businesses should have multi-layered security systems that not only block access, but detect and alert you when there has been a breach.”
Rossi also advises implementing good ‘housekeeping’ processes that prompt staff to change their passwords at least once every three months, using a combination of letters and numbers.
Businesses particularly at risk should consider using two factor authentication (2FA) such as key cards or fingerprint readers, in addition to password protection.
“Whilst investing in decent firewalls and changing passwords might seems like an unnecessary inconvenience, failure to do so can cause thousands of pounds of damage, and potentially lead to customers and suppliers being hacked, doing untold damage to a business’s reputation,” he added.
In the face of rising threats, the UK government has launched several initiatives to try and improve the cybersecurity awareness of small businesses. This included “Cyber Essentials”, a new certification scheme designed to help consumers establish whether an organisation has implemented basic cyber security measures, which was launched last June.
How well do you know network security? Try our quiz!