Time to start practising some Internet common sense

There is no doubt the Internet has transformed our lives and will continue to do so. For many of us it’s hard to remember how we did business before the web changed everything.

Some of us even used to write letters and make phone calls – remember those! Meanwhile an entire generation has grown up knowing no other way of doing business.

Yet perhaps we have become too relaxed. While we gain from the convenience and new business opportunities the Internet has given us, another group has benefitted also: cyber-criminals.

Cyber crime has reached unprecedented levels across the world. High profile hacks of companies like US retailer Target and Sony Pictures has demonstrated the resources and sophistication of organised gangs and the impact they can have on the long-term stability of even the biggest organisations.

But it’s not just big corporations. We are all at risk, consumers and small businesses alike. According to UK Government figures over one-third of adult Internet users reported experiencing a negative online incident. And that was in 2012.

Criminals are increasingly targeting smaller businesses as they believe them softer targets with potentially rich pickings. Smaller businesses lack the resources to employ dedicated IT security teams.

According to consultancy firm PwC, the average cost of a breach to a small business is between £65,000 and £115,000.

However, you can reduce your risk of such losses by not giving criminals an easy ride.

Cyber gangs send out millions of emails each day which carry malware (software which is specifically designed to disrupt or damage a computer system) designed to catch out the unwary.

These phishing emails look like they come from a trusted source like your bank or even a customer. But they contain a link which, when clicked, downloads a piece of malware.

Such malware could spy on your employees’ activities to record logins and passwords. Or it may launch a electronic ‘worm’ that enters the company network looking for data or personal information it can steal and send back to the gangs controlling it.

Cyber criminals are interested in one thing: money. They do not have a political point to make or much interested in bringing down your networks. In fact they much prefer networks to continue running so that they can steal as much as they can over the long term.

It’s a bit of a myth that cyber-criminals break into bank accounts and siphon cash directly. They prefer to look for, and steal credit card numbers and sell these on to other criminals who use them to make illegal purchases.

They actively look for businesses that store such data – and that means the myriad number of small businesses that now sell direct to the public.

Very small businesses and home users are prone to a particularly nasty form of attack called ransomware.

This will freeze your PC and the only way to unfreeze it is to pay a ransom to the attackers. Many victims pay up simply because its cheaper than the grim alternative – a frozen business or a computer rebuild. Many incidents go unreported.

Most of these attacks are not that sophisticated and can be avoided with some common sense and small investment in security software.

Keeping antivirus installed and up to date on all company PCs and devices will go a long way to stop attacks by neutralising malware, yet it’s surprising how many businesses overlook this simple and cost effective measure.

However it can’t stop everything getting through. The best defence against cyber attackers is ongoing security education and awareness.

Educate yourself and your employees on the dangers of phishing and how to spot bogus links in emails, and which sites on the web are more likely to contain malware.

Install filters on your web server to prevent access to ‘dodgy’ sites or social media, a known hunting ground of scammers and cyber-criminals.

Tell them not to write down or share passwords and always report anything that looks suspicious.

Finally, if your business stores any kind of confidential data such as payment details it must be encrypted. That way, even if criminals do get hold of your data it is useless to them.

A good place for more tips on securing your business is Get Safe Online which contains excellent advice.

Colin Tankard is managing director of data security company Digital Pathways, a specialist in the design, implementation and management of systems that ensure the security of data, whether at rest within the network, mobile device, in storage or data in transit across platforms.

Image: Concept of the internet via Shutterstock