If you think ransomware, crypto-mining and form-jacking don’t concern you and your business, you need to come to our next cyber security event to find out the truth.
Delegates at our regular cyber-security briefings are often completely taken aback when we use real life examples to explain the ever-changing threat landscape, and the determination and ingenuity of professional hackers to damage their organisations.
Attacks can strike any organisation, at any time, and the threat is constant. Our team of security experts use the latest tools to monitor and prevent attacks on client networks and systems, which can routinely number hundreds in a single day.
Criminals are always on the look out for new revenue-generating opportunities, and one of the latest threats is form-jacking, where criminals implant code onto a target’s website in order to collect card payment details, such as in last year’s incidents with BA and Ticketmaster. Security software experts Symantec recently announced that up to 4,800 websites were being targeted in this way every month. The affected website continues to look just the same and its owners are unlikely to be aware of the rogue code until the scammers start siphoning cash out of customer accounts.
So many of the situations we see could have been prevented by having the right security measures in place. Last year several organisations who were not then clients of ours turned to us for help in highly sensitive situations, for instance when their systems had already been hijacked and a large ransom demanded. While we apply all our considerable expertise to help them out of their difficulties, and go on to help them strengthen their security framework, prevention is always cheaper and much less effort than a cure.
If you’re an SME, don’t think you are small enough to be under the radar and therefore immune from attack. Cyber criminals see SMEs, which are targeted seven million times a year, as soft targets lacking real protection and acting as the perfect Trojan Horse to provide attackers with direct access to their supply chain.
So where should a business owner or manager start to protect their organisation?
Before you can go anywhere you need to know where you are starting from, and your IT partner should be able to carry out a full penetration test and vulnerability scan to identify any weak spots in your network and systems – both technical and human – through which attackers could gain access. The results will surprise you but once you are armed with that knowledge, you can work together to create a cost effective strategy and a plan to keep your business safe.
Book a place at our next cyber security briefing, and hear our ethical hackers and security experts talk about the latest threats, outline some real cases that you can learn from, and show you how to manage the risk to your organisation.