Two-thirds of UK businesses hit by security breaches!
Two-thirds of UK businesses have been hit by cyber security breaches but directors remain unaware
Two-thirds of FTSE companies admit they have been hit by a cyber breach or attack in the past year… and this number is thought to be higher in small businesses who have potentially less stringent security controls.
Viruses and Malware no longer pop-up alerting the users that their machines have been infected. In today’s world “knowledge is power” and information is what a hacker most desires. After all, it is a company’s most prised asset. Viruses and Malware tend to infect user systems and lay in wait; capturing information and sending it back to the creator.
FibreFly have recently worked with a number of organisations who have reported suspect emails from both customers and clients. The emails appear to be from the right person with expected content, but on closer inspection the senders domain name will be subtly different!
For example; Company A is expecting an email from Jane@Hotmail.com detailing account details for payment… instead company A received an email from Jane@Hatmail.com detailing different account details for payment!
(for techs; The domain Hatmail.com can be traced back to a newly registered (within a few weeks) domain with VistaPrint and the originating email IP to a random foreign country). This is commonly known as Spear Phishing… and it’s on the rise.
The information in the “expected email” will have been obtained by the hacker through a vulnerability in either the company or the recipient’s platforms.
New EU laws coming into effect in the next two years will leave companies with potentially heavy fines to face (4% of Global turnover!!) in the event of data loss.
In the example above, the company was not aware of any breach until the hacker revealed it. So; with two-thirds of companies knowing of a data-breach… it may be that the remaining one-third are simply not yet aware!
Proxies, Firewalls, Anti-Virus and Anti-Malware systems all need to be correctly configured and monitored to ensure data is protected. Email encryption should also be enforced during transit of sensitive information. Talk to us today to protect your company.