The dangers of cyber crime and why SMBs should care

We live in an electronic world where every day we share our personal details—with websites, doing our shopping and banking online or sharing our lives on social media—happily trading convenience for loss of our privacy. The data we share has huge commercial value and the digital footprint we leave behind can be abused by hackers and criminals.

Many small UK businesses mistakenly think they are too small or insignificant to be a target of a cyber attacks, yet as larger companies get serious about data security, small businesses are becoming increasingly attractive targets for online fraud – often with devastating consequences.

If your business handles customer data electronically then you are an attractive target for hackers, ransomware, viruses, malware or a data breach. Understanding the current digital landscape, the cyber threats and the implications of ignoring your security responsibilities is something that SMBs should care a great deal about. Here we outline some of those threats…

Internal Data Threats

Mishandling customer data can cost your business and one of the most common ways businesses leak information is usually from an internal source. It is one thing to protect data from external threats, but what protections do you have in place when you share information with colleagues or with a third party? For instance if you employ a freelance consultant do you know what they are doing to protect your data? What systems do you have in place for removing permissions for ex-employees? As part of your working processes are you unwittingly introducing a hole that criminals can exploit?

Ransomware – a growing menace

Another way small businesses loose critical data is through Ransomware. Ransomware infects your system with a virus, which in turn infects all of your work files and encrypts them. The only way to retrieve your files is to pay the hackers a ‘ransome’ fee.  Not only is it a costly exercise, if you are unable to get your data back it could mean having to close your business.

Compliance & Legal Responsibilities

Under UK law it is your duty as a business to protect your customer’s data. The Government and legal framework is putting a lot of pressure on small business to demonstrate that they have the necessary data protections in place an you could get sued or taken to court for not applying the correct protection against losing your customers data. If you collect details from your customers it is is essential that you understand what you need to to do to stay compliant and continue to operate in your industry.

Criminal Charges

If your company server is used as the source of an attack for criminal activity, you could be liable for fraud. Cyber criminals point fraudulent websites to small business servers and IP addresses to mask criminal activity such as stealing credit card numbers or operating fake businesses. Furthermore, they may do this for 1 or 2 days and shut it down before you realise you’ve been hacked. In fact, some businesses may remain blissfully unaware of the crime until they are accused of fraud! If you are ever the target of online fraud you should report the crime immediately to the National Fraud and Cyber Crime Centre. Should you be investigated, you will be expected to demonstrate you have taken all reasonable measures to safeguard your customers data or face criminal charges.

Reputation Damage

Your businesses reputation can be damaged by cyber crime or a major data breach. Business reputations are built online these days and if something does go wrong, the news will viral on Social Media and really damage your reputation as a company or professional. Clients are unlikely to want to work with you if they can’t trust you to take care of their data.