Security threat

Firms warned of festive cyber attack risk

Rachel Wilson: warning

A cybercrime specialist is warning that staff absences, illnesses, vulnerable systems and the requirement to work from home have created the perfect opportunity for criminals to target SMEs with weak IT security this festive period.

Rachel Wilson, a cyber specialist with Azets, is warning that cyber-attacks such as ransomware have become a multi-billion-dollar global industry with many high-profile organisations attacked during the last year including Colonial Pipeline, Irish Health Service Executive (IHSE) and Scottish Environment Protection Agency (SEPA).

She said: “If leading organisations with the finest systems can be breached, the risks for SMEs with much reduced resources are significantly higher.

“Hackers will target the weakest link, and the holiday period is the perfect time to steal from a vulnerable business.  Any such attack can cause severe financial losses, damage the reputation of an SME and quite easily trigger complete corporate collapse.

“SMEs are having to deal with unprecedented challenges so it is important that they do neutralise the cyber criminals before they ruin the business.  They bring no gifts or goodwill and are only intent on theft, so block their every move 24/7.”

Ms Wilson urged all businesses to deny the cyber criminals by undertaking a quick IT security check:

  • Ensure clarity over who oversees abnormal IT activity
  • Staff must know how to escalate and investigate a data breach
  • Responsibility for system shutdown must be clear
  • Ensure a 24/7 response protocol
  • Any lost data lost must be easily recovered
  • Audit user identity and access management and ensure complex passwords
  • Stop the attacker with network segmentation 
  • Closely manage 3rd party IT access to limit supply chain risk
  • Invest in Cyber Insurance.
  • Test and re-test all backups

Leave a Reply

Your email address will not be published. Required fields are marked as *

This site uses Akismet to reduce spam. Learn how your comment data is processed.