Lincolnshire

Friday Focus: What can Lincolnshire businesses learn from recent cyber attacks?

This story is over

More than two thirds of large British companies experience cyber attacks, but what practical steps can businesses put in place to truly protect themselves?

Lincolnshire County Council, Northern Lincolnshire and Goole (NLaG) NHS Foundation Trust and Lincolnshire Chamber of Commerce are just three examples of large organisations that have been hit by malicious attacks in recent months and years, costing the organisations millions of pounds to rectify.

As previously reported, Lincolnshire Chamber of Commerce fell victim to a Russian malicious ransomware attack on January 9, which breached the security system and locked down the server.

The ransomware came in the form of an email attachment and although the Chamber is now operational again, it still does not have access to archived files and data saved on the server.

Simon Beardsley, Chief Executive of Lincolnshire Chamber of Commerce Photo: Steve Smailes for Lincolnshire Business

Simon Beardsley, Chief Executive at Lincolnshire Chamber of Commerce: “The government confirmed that two-thirds of large British companies have experienced a cyber-attack in the last 12 months.

“The report also said that any business with an online presence has to prepare for how they would react to a hack that breaches their systems.

“The overriding message is that all businesses are vulnerable to attacks.

“Being lulled into a false sense of security that you’re businesses isn’t attractive to hackers could be a recipe for disaster.”

But when the unthinkable happens, as it did with the Chamber, Simon said it was important to act quickly.

“The most important communication we had to make was to our members reassuring them that no data had been stolen, and then we began to put the building blocks of recovery into place.

“It’s been a very challenging time, and we’ve learnt a lot about the importance of back-up technology, cyber insurance policies and how to handle the PR and communications around malware attacks.

“As one of the leading business networks in Lincolnshire we want to share our experience and offer practical advice to our members and the wider business community, so we’re planning several cyber security workshops for people to attend.”

Businesses are being urged to make sure the correct protections in place to make it as hard as possible for opportunistic criminals to take advantage.

Tony Anscombe, Senior Security Evangelist for Avast, a global cyber security specialist with offices in Lincoln, said: “Cyber criminals are always on the lookout for any opportunity to steal information, accounts, passwords, and identities.

“The fewer security hurdles they encounter, the easier their task.

“For example, four out of 10 employees use the same password for different business logins, according to a survey of AVG Business customers.

“Couple that alarming statistic with the increased use of mobile devices and the increasingly long list of logins required to keep your devices properly secure, it’s easy to see how and why there is still a gaping hole in SMB security.

“Having a layered approach to security will help a small business protect themselves from cyber criminals.

“Implementing technology such as Multi-Factor Authentication, Identify and Access Management plus Mobile Device Management can provide the support to safely protect a business.

“In addition to that, culture and education has a part to play – encouraging users to use safe passwords and educating them as to the common risks facing them from cyber criminals will help protect a small business.

“The layered approach provides protection whilst enabling the team to reap the benefits of mobile devices in the workplace now and in the future.

“Businesses need to ensure they have up-to-date security software on PCs, Macs, smartphones and secure devices so that they cannot be used to generate unauthorised traffic.

“Where a business has been the victim of a cyber security breach, they should ensure to update their security software and request all employees to change their passwords.”