Following recent attacks on Sony, a data security expert has advised that hacking is a growing issue, and that the majority of businesses are simply not prepared for and have little protection against it.
Walter Rossi at specialist business IT and telecoms provider, Daisy Group explained: “Most businesses’ firewalls are designed to withstand simple viruses and malware (software that is in many instances used by criminals to obtain valuable business information), but have little protection against the sophisticated methods used by hackers seeking to steal data or disrupt their operations.
“Although awareness of the problem is growing, following attacks on Sony, Microsoft and Apple’s iCloud, hacking is largely seen as a ‘big business’ problem and often overlooked.
“Attacks on small and medium-sized businesses are remarkably common as their security tends to be less sophisticated, making them easy prey. They are usually targeted by those aiming to steal their customers’ bank details, blackmail them, or to use them as a ‘back door’ to get into larger organisations.”
The most common techniques used by hackers involve programmes that paralyse a business’ system by overloading them with traffic, called Distributed Denial of Service (DDoS), or ones that secretly obtain information such as commercially sensitive information or bank details.
Once infected, a victim's computer can be operated by criminals remotely and often see the victim become part of their network, spreading viruses to find and snare more targets.
Cyber extortion is another growing issue related to hacking, whereby DDoS hackers can stop the company’s online services, or render a website unusable. The business is then issued a ransom demand to release the files or site.
Walter Rossi advised: “There is no perfect solution and even companies with some of the most sophisticated systems in the world can fall victim to hackers, however, investing in a good, up-to-date security system, which is regularly updated and built to withstand viruses and DDoS, will ward off most attacks. It also doesn’t need to be expensive.
“Ideally, businesses should have multi-layered security systems that not only block access, but detect and alert you when there has been a breach.”
He also advises implementing good ‘housekeeping’ processes that prompt staff to change their passwords at least once every three months, using a combination of letters and numbers.
Businesses particularly at risk should consider using two factor authentication (2FA) such as key cards or fingerprint readers, in addition to password protection.
He added: “Whilst investing in decent firewalls and changing passwords might seems like an unnecessary inconvenience, failure to do so can cause thousands of pounds of damage, and potentially lead to customers and suppliers being hacked, doing untold damage to a business’s reputation.”