Unless you’ve spent the weekend on the moon or simply ‘switched off from the world’, you will be aware of the unprecedented cyber-attack ‘WannaCry’, which began as a ransomware attack on Friday morning, infecting over 230,000 computers in 150 countries and causing grave disruption to many organisations including the NHS. Whilst the stories that hit the headlines related to large organisations, there will no doubt be many small businesses and individual users who have also been victims.
It seems that everywhere you look we are being warned about the risks of cyber-crime; yet despite this, it is still the fastest growing area of crime, as criminals continue to take advantage of advancing technology and the vulnerability of systems and individuals.
According to statistics recently published by the Office of National Statistics, cyber-crime was one of the most common offences committed in 2016, with an estimated 2 million cyber-crime incidents compared to 686,000 domestic burglary offences!
It’s not surprising that individuals unwittingly fall foul of these increasingly sophisticated attacks, particularly when these often come from what appear to be genuine and respectable authorities. A warning email I received on Friday morning from HMRC illustrated this perfectly. It read “Customers are strongly advised to lookout for a new phishing scam. If you get an email with the subject, “Your 2016 Tax Report”, with an attachment, do not open!”
Now I know that HMRC would never email important documents to me and if I was in any doubt, I would telephone HMRC to check (after looking up the number from a genuine source and before opening any attachments), but, how many individuals would have been panicked by seeing ‘HMRC’ and immediately opened the attachment, resulting in who knows what malicious activity, financial loss, data loss, identity fraud or even psychological issues resulting from the stress of the attack.
The National Cyber Security Centre makes the following suggestions for keeping safe: –
- Use proper anti-virus software and always download the latest software and app updates; they contain vital security upgrades which help protect your devices from viruses and hackers. The most common reason respondents across the UK gave for not downloading software updates was that it takes too long. In reality, it only takes a few minutes compared to the time it can take to recover from a cyber hack.
- Use three random words to create a strong password. Weak passwords can allow hackers to use victims’ email to gain access to many of their personal accounts, leaving them vulnerable to identity theft and fraud.
- Back up the data that is important to you – you can’t be held to ransom for data that you hold elsewhere.
Of course, these activities alone can’t keep you completely safe. In September 2016, the ringleader of a gang responsible for the biggest cyber-fraud the Metropolitan police had seen was jailed for 11 years. Their crime; defrauding innocent bank customers over the phone by pretending to be from the fraud department of the bank and persuading them to provide their internet banking details on the basis that their accounts had been hacked. Within a matter of seconds and whilst the call was still taking place, the callers associate would gain access to the victims account and empty them!
Now you might think that you wouldn’t have fallen prey to this crime, but the criminals were so convincing that amongst the victims was a firm of solicitors who were fleeced out of £2,260,625! In fact, between January 2013 and October 2015, the gang took approx. £113 million from victims!
Through its Cyber Aware campaign, the government are urging everybody to treat cyber-crime as seriously as home security. For more information on keeping yourself safe, please visit https://www.cyberaware.gov.uk/
Carpenter Rees takes cyber-crime and the security of client data very seriously. In October 2016 we successfully completed the Cyber Essentials badge demonstrating that we have the correct security controls in place which meet government endorsed standards.