Gary Bennett Research and Development Manager at Gedling Business Council came along and spoke about the risks of cyber crime to all businesses

Cyber-crime why bother
- KPMG Estimated the cost to the UK of £1.1 Billion in 2016
- The ONS estimates there were 5.6 Million fraud and computer misuse crimes in the year to June 2016. Two thirds of these involved computers
- The Information Commissioners Office can levy fines of up to £500,000. TalkTalk was fined £400,000 in October 2016
- Attacks can cripple your business, cause loss of sensitive information and reduce trust in your brand
https://www.theguardian.com/uk-news/2017/jan/24/uk-fraud-record-cybercrime-kpmg http://www.telegraph.co.uk/news/2016/11/01/how-much-of-a-problem-is-cyber-crime-in-the-uk/ https://ico.org.uk/action-weve-taken/enforcement
What We Are Seeing
- Phishing – Legitimate looking emails that tricks you into clicking links
- Malware, old style viruses as attachments to emails
- Malware hidden in macros in Word and Excel documents
- Malware hidden in by encryption, such as zip files
- Many of the above are Ransomware
- Cold calls claiming who then talk you into giving remote control of your PC or visit a particular site
- Whaling – A carefully crafted email pretending to come from a senior manager, generally building up to asking for an urgent money transfer
- Attempts to detect holes in firewalls and hack websites
-
Cyber Essentials
Advice for the core requirements for protecting a network, covers the basics, which are
–Boundary Firewalls and Gateways
–Secure Configuration
–User Access Control
–Malware Protection
–Patch Management
- There are other related schemes such as 10 Steps to Cyber Security
- Staff awareness can make a big difference
- Backups are essential
https://www.cyberaware.gov.uk/cyberessentials/
https://www.gov.uk/government/publications/cyber-security-what-small-businesses-need-to-know
https://www.ncsc.gov.uk/guidance/10-steps-cyber-security
Other Resources
- The National Cyber Security Centre Website
- Stay Safer Online Website
- Police Action Fraud Website
- ASafaWeb – Automated Security Analyser for ASP.NET Websites
- SSLLabs – Check the configuration of any public SSL (Secure HTTPS) Website
- MxToolbox – Return information about your email domain including TLS (encryption)
https://www.ncsc.gov.uk/
https://staysafeonline.org/
http://www.actionfraud.police.uk/
https://asafaweb.com/
https://www.ssllabs.com/
https://mxtoolbox.com/SuperTool.aspx