SME festive cyber attack risk to soar

A leading Azets cyber-attack specialist is warning that staff absences, illnesses, vulnerable systems and the requirement to work from home has created the perfect opportunity for criminals to target SMEs with weak IT security this festive period.

London-based Thanzil Khan, Director of Audit and Assurance and a cyber specialist with Azets, which has offices across the South East, is warning that cyber attacks such as ransomware have become a multi-billion-dollar global industry with many high-profile organisations targeted during the last year including Sainsbury’s, Irish Health Service Executive (IHSE) and Scottish Environment Protection Agency (SEPA).

He said: “If leading organisations with the finest systems can be breached, the risks for SMEs with much reduced resources are significantly higher. Hackers will target the weakest link, and the holiday period is the perfect time to steal from a vulnerable business. Any such attack can cause severe financial losses, damage the reputation of an SME and quite easily trigger complete corporate collapse.”

Thanzil Khan urged all businesses to deny the cyber criminals by undertaking a quick IT security check:

Ensure clarity over who oversees abnormal IT activity
Staff must know how to escalate and investigate a data breach
Responsibility for system shutdown must be clear
Ensure a 24/7 response protocol
Any lost data lost must be easily recovered
Audit user identity and access management and ensure complex passwords
Stop the attacker with network segmentation
Closely manage 3rd party IT access to limit supply chain risk
Invest in cyber insurance
Test and re-test all backups

Summarising, Thanzil Khan said: “SMEs are having to deal with unprecedented challenges just now, so it is important that they neutralise the cyber criminals before they cause major disruptions to their businesses. They bring no gifts or goodwill and are only intent on theft, so every attempt should be made to block their every move 24/7.”