Safety First: Warding Off the Hackers (Guest blog by FDM)
The global cost of cybercrime is expected to grow to $10.5 trillion annually by 2025. This statistic is both fascinating and alarming as it reveals the growing ingenuity of hackers and their ability to hold the world to ransom. After the Covid-19 pandemic, more and more businesses have adopted remote working, causing a massive shift to and adoption of cloud technologies.
With the unprecedented volume of data that is now online, it is crucial for businesses to safeguard that data and protect it from being lost or compromised. Patrick Wake, Group Head of Information Security says, ‘If you’re using the cloud system, you are in essence using somebody else’s computer.’ This naturally poses its unique risks.
Depending on where the cloud server is, it is governed by local jurisdiction and rules. For example, law enforcement agencies in the United States only need a simple warrant to ask cloud companies for access to their users’ data.
So, whilst Hyperscalers are very secure companies, secure and private may not necessarily mean the same thing. These companies have portals in place that show how many requests for customer data access they get from law enforcement.
Unless the right steps are taken for safeguarding, you are at risk of losing confidential data that can cost your business millions of pounds in losses in addition to causing severe reputational damage. It is not surprising that the number one priority for businesses today is data security and staying one step ahead of potential threats.
At FDM, we believe that everyone has the right to feel safe online whether in a personal or professional capacity. We host regular webinars to inform staff about the best ways to stay safe online – from practical tips on social media and internet usage to protecting yourself from phishing attacks.
For instance, with the growing use of VPNs, it is vital to understand that nothing comes for free. If you are not paying for a VPN service, their revenue stream is likely you and your data such as your online shopping habits, surfing preferences, etc. Therefore, it is crucial to choose a VPN that is secure and reputable, and that you are as up to date as possible about their history and how they are making their money.
To detect, disrupt and deter online adversaries, it is important to first understand the technology we are using, including its limitations. Once something is posted online, it is there forever. Whilst Govt laws like GDPR (for Europeans) can be used to ask organisations to remove your data from their files or online records, hackers can create tools that ‘scrape’ websites to create copies of this data that they can then host themselves.
It is easier than you think for a hacker to source your personal data. Open Source Intelligence (OSI) tools and websites enable hackers to track your behaviour and personal information on social media platforms. For example, hackers can simply type a name and location into an OSI tool, find a user’s social media profiles, and then use this information to find out more intimate details about them via an online directory, such as your address, how much your house is worth and even where your siblings live.
‘Digital dirt’ is a term used to describe information that could expose your details online, whether intentional or not. Research has shown that 25% of adult internet users confess to posting sensitive information on major social networking platforms. This includes information, such as home addresses, mobile numbers, and email addresses. It shows just how easily people forget about basic online security.
With the growing popularity of the Internet of Things (IoT) and smart devices that can be connected online, the threat of privacy invasion is even greater. There are websites which allow hackers to specifically search for smart devices like CCTV cameras, baby monitors, etc. that are plugged in and connected to the internet. They can then access the built-in cameras to look into people’s homes. When we buy any smart device, the instructions recommend changing the default password after the first login and if a user does not do that, they run the risk of being discovered by hackers.
Technology plays a significant role in creating positive change. While cybercrimes cannot be altogether avoided, the right response plan can help mitigate the losses for a business and its customers.
Help to shape and govern the work of techUK’s Cyber Security Programme
Did you know that nominations are now open* for techUK’s Cyber Management Committee? We’re looking for senior representatives from cyber security companies across the UK to help lead the work of our Cyber Security Programme over the next two years. Find out more and how to nominate yourself/a colleagues here.
*Deadline to submit nomination forms is 17:00 on Tuesday 18 October.
Upcoming events
Get involved
All techUK's work is led by our members - keep in touch or get involved by joining one of the groups below.