Join the Esme team as we explain what a cyber-attack is, how one could affect your business and share our top three tips on how to reduce the risk of becoming the victim of a cyber-attack.
A cyber-attack is an attack from one or more computers against another computer/multiple computers/a network. Cyber-attacks are initiated by cybercriminals; groups of hackers or individuals who instigate the attack against a business or individual, usually to gain money or data.
There are a number of types of cyber-attacks, with the most common listed below:
Malware stands for malicious software. This form of attack gives cybercriminals the ability to infiltrate computers or a network to access and control the system remotely - attackers can then demand ransom from you or access your business’ database and any sensitive information.
Phishing is where cybercriminals to create and distribute fake emails or webpages intended to mirror a real website or company with the intention of gathering sensitive data.
If your business relies heavily on selling goods online, this particular attack can be very harmful to your business and its future. A Denial of Service attack (also known as a DoS attack) is where a large amount of traffic is sent to your website to intentionally overwhelm its servers, taking the website offline.
This is when a hacker secretly interposes themselves between the user and the website or service they are attempting to access. For example, if you were in a hotel and were trying to access the Wi-Fi network, you may be asked to log-in on a website page in order to proceed and access the Wi-Fi. Hackers can mimic the hotel’s log in page and then have access to any information you have on your computer, including bank passwords and sensitive information.
One of the most recognised cyber-attacks that affected the UK in particular was the WannaCry virus in 2017. The virus was initially introduced to computers through phishing emails and then quickly spread using a known Windows vulnerability, shutting down hundreds of thousands of computers around the world with messages demanding ransom payments.
This Malware virus affected over 150 countries and over 100,000 organisations and businesses, including the UK’s NHS. According to the Telegraph, more than 190,000 appointments were cancelled which cost the NHS approximately £20 million in just one week (12th May – 19th May). The NHS were then forced to spend an additional £72 million in cleaning up the incident and upgrading their IT systems.
The WannaCry virus shows exactly how much a cyber-attack can affect a business or organisation - with small businesses at risk just as much as large organisations such as the NHS. A cyber-attack on your business could result in your business losing a large sum of money, damaging your reputation and trust amongst your customers, loss of your database, customer information, or worse - closure of your business.
It’s important to consider the effects of a cyber-attack on your business when creating or updating your business continuity plan. This is to ensure you are prepared and aware of the risks before it potentially happens.
It could also be wise to consider upgrading your business insurance so that it covers any losses your business may experience as a result of a cyber-attack. This can then be incorporated into your business continuity plan and form part of a cyber-attack recovery strategy.
Staff can accidentally be the cause of spreading malware software through phishing emails. Educating your staff on technology security and how to stay safe online could help your business avoid a cyber-attack.
The reason why the attack on the NHS was so effective was due to its dated IT infrastructure. Out of date software is especially vulnerable to viruses and malware, so it’s important to keep your computer’s software and anti-virus software up to date.