The managing director of a major cyber security player has warned small businesses to take the cyber threat more seriously.
Paul Harris, managing director of Manchester-based Secarma, says that half of all cyber-attacks are upon small firms which could be destroyed overnight.
鈥淚f they鈥檙e not a large or national organisation, people get lulled into a false sense of security and believe they won鈥檛 be attracted to hackers because they鈥檙e an SME, but that鈥檚 simply not the case,鈥 Harris told 老九品茶Cloud.
鈥淔ifty per cent of all attacks target small businesses.
鈥淭hey can use ransomware to encrypt your data and customer information so you can鈥檛 do anything until you鈥檝e paid a ransom. 老九品茶es are dying because of this.
鈥淪mall businesses, particularly, can be targeted for small amounts. That鈥檚 why it鈥檚 becoming more important for every company to have a cyber policy.鈥
Cyber-crime is now run as a business yet many firms are burying their heads in the sand. Harris cites figures that show 200,000 new malware samples appear on the internet every day.
鈥淭hat鈥檚 the level of activity that鈥檚 happening that companies are trying to cope with,鈥 he added.
鈥淲e鈥檝e got so many different 鈥榖ad actors鈥 as we call them, everything from curious school kids to lone wolves, right up to nation states like America, China and Russia who are massively active in this space.鈥
Whether those security breaches are for surveillance, to steal IP or personal data, the threat is real and should not be ignored by organisations of any size.
Simple measures like making sure firewalls are up-to-date and patched are important. Criminals that get in via a firewall could then place a piece of software on your network that could periodically send data 鈥 known as a silent attack 鈥 or carry out a 鈥榙rive-by attack鈥, where they immediately recover your data.
Using email scanning software is also necessary and ensuring you educate employees on phishing.
鈥淓mails come in all the time and there are much more subtle ways now for people to try and get into your business,鈥 Harris said.
鈥淩ecruitment, for example, is a department that regularly has to click on email attachments from complete strangers and cyber criminals can use this to embed malware that can infect that PC and start attacking servers.鈥
As well as an effective strategy spelling out what to do in case of an attack, vulnerability testing and ethical hacking can also be a good test of your system鈥檚 defence capabilities.
鈥楻ed teaming鈥 sees hackers attack a business to demonstrate potential holes, while there is a range of other activities experts can arrange.
鈥淲e鈥檝e never had a customer where we didn鈥檛 find vulnerabilities and we鈥檝e been going 16 years,鈥 Harris said.