BUSINESS CRIME & PROTECTION
FEATURE
How can businesses
stay safe?
Joe Burns is a certified ethical hacker and co-founder of Ilkeston-based Reformed IT, a cyber security and IT solutions company. He sees first-hand the damage being inflicted on businesses from cyber-criminals – noticing an increase in SMEs suffering financial losses – and often works alongside police forces to help with breach remediation. Now on a campaign educate businesses of these risks and how to avoid becoming another victim, he speaks to Business Network about some of the questions he’s frequently asked.
WHAT IS THE LARGEST LOSS YOU’VE SEEN A BUSINESS SUFFER IN THE EAST MIDLANDS? In late 2019, I was called in to help investigate a sophisticated social engineering attack on a business that led to someone transferring in excess of £100,000 to fraudsters from the company bank account. Social engineering is where the attackers mislead individuals within the business in a way to encourage them to do something they shouldn’t typically do. This could be to reveal a password or information, buy vouchers from a store or, in this case, transfer large sums of money. The fraudsters usually do this by impersonating trusted
people either within the organisation or external authoritative organisations such as banks and IT companies.
THERE HAVE BEEN SOME HIGH-PROFILE RANSOMWARE ATTACKS IN RECENT YEARS. HAVE YOU SEEN ANYTHING SIMILAR WITHIN THE EAST MIDLANDS? Yes, ransomware can be extremely damaging to a business and if it hasn’t got a good backup and disaster recovery
plan, it can cause a lot of business interruption. Ransomware is a method that has been used by hackers
for decades but has become more prevalent in the past 10 years. It typically works by getting someone in the organisation
to run a piece of software on a computer, which then encrypts all data on the network to make files unreadable without a password. This password will have been set by the attackers and
instructions left for the victim to pay a ransom in order to get access to their files again. Recently, I have dealt with a case where a business in
Derbyshire had its server hacked into. The hackers then encrypted all the data and because they had full access to the system, they encrypted the backups as well – leaving the business with no access to its critical files and customer information. The hackers demanded nine bitcoin (which is valued at
£363,000 at the time of writing) to return access to the company’s systems and data. In the meantime, the business was unable to correctly
service its customers without resorting to pen and paper.
business network June 2021 47
‘The business was unable to correctly service its customers without resorting to pen and paper’
Page 1 |
Page 2 |
Page 3 |
Page 4 |
Page 5 |
Page 6 |
Page 7 |
Page 8 |
Page 9 |
Page 10 |
Page 11 |
Page 12 |
Page 13 |
Page 14 |
Page 15 |
Page 16 |
Page 17 |
Page 18 |
Page 19 |
Page 20 |
Page 21 |
Page 22 |
Page 23 |
Page 24 |
Page 25 |
Page 26 |
Page 27 |
Page 28 |
Page 29 |
Page 30 |
Page 31 |
Page 32 |
Page 33 |
Page 34 |
Page 35 |
Page 36 |
Page 37 |
Page 38 |
Page 39 |
Page 40 |
Page 41 |
Page 42 |
Page 43 |
Page 44 |
Page 45 |
Page 46 |
Page 47 |
Page 48 |
Page 49 |
Page 50 |
Page 51 |
Page 52 |
Page 53 |
Page 54 |
Page 55 |
Page 56 |
Page 57 |
Page 58 |
Page 59 |
Page 60 |
Page 61 |
Page 62 |
Page 63 |
Page 64 |
Page 65 |
Page 66 |
Page 67 |
Page 68 |
Page 69 |
Page 70 |
Page 71 |
Page 72 |
Page 73 |
Page 74 |
Page 75 |
Page 76 |
Page 77 |
Page 78 |
Page 79 |
Page 80
