A few years ago a company in this sector was brave enough to go public and state what had happened to it when it was the victim of a cyber attack. Its systems were breached and information stolen. The criminals were not home grown but were found to be based in Moscow. Faced with the possibility that valuable information could be destroyed, the company reluctantly paid up.
This week, Lister Trade Frames, the award winning trade fabricator, let it be known that it too was exposed to a recent cyber attack. It endured what it described as ‘one of the most pernicious web viruses called CryptoLocker, also known as Ransomware’. The result was that it had 38,200 files destroyed in only 5 minutes. (See our latest e-newsletter and the sensible advice Lister’s gives.) How did this happen? A member of staff had unwittingly opened up a file and the whole system was infected.
It took quick action by one of Lister’s IT people and an effective back up system to repair the damage but other businesses have not been so fortunate. One company in Stoke on Trent lost 15 years of data, while another was closed down for 11 days while the virus was purged.
It doesn’t really matter what the size of business is; cyber attacks have leapt to extremely high levels in the UK. The government has admitted that ‘93% of large corporations and 87% of small businesses reported a cyber breach in the past year. On average over 33,000 malicious e-mails are blocked at the Gateway to the Government Secure Intranet (GSI) every month. These are likely to contain – or link to – sophisticated malware. A far greater number of malicious, but less sophisticated e-mails and spam are blocked each month.’
Of course, there is a cost involved and this has been estimated at between £450,000 to £850,000 for large businesses and £35,000 to £65,000 for smaller ones.
The government insists that it is creating a safer business environment from cyberspace attack by such measures as:
- Setting up a National Cyber Crime Unit within the National Crime Agency in last, bringing together the Police eCrime Unit and SOCA.
- Providing cyber security advice to businesses, such as the 10 Steps to Cyber Security Booklet and tailored guidance for small businesses.
- Action Fraud, the UK’s national 24/7 fraud and internet crime reporting centre – recording incidents of fraud centrally enables intelligence being gathered about crimes to be shared and analysed, resulting in more targeted enforcement action.
All of this is useful but the first line of attack has to be within the business and readers will find much to think about by seeing what happened to Lister’s and the plans it had in place to deal with such dangers.
For further government advice, visit: www.gov.uk/government/policies/keeping-the-uk-safe-in-cyberspace