Skip to main content

At a recent accountants’ seminar, one of the offline discussions was on the subject of firewalls and general email software security and one of the accountants asked what is a cyberattack? A number of explanations were proffered, all correct but all different.

In light of the most recent cyberattack on Carphone Warehouse where the personal details of over 2 million customers were stolen by hackers, we thought it prescient to lay down a clear explanation of what a cyberattack is and provide some handy tips to help safeguard your small business against the threat of cyberattacks.

Please do not be complacent and think that ‘they’re only after the big guys’, every small business that transacts online is a potential target for cyber criminals.

A cyberattack is an attempt by hackers to damage or destroy a computer network or system, or to penetrate and steal information from it. Online software security experts break the cyberattacks into three key categories – Cyber Crime, Hacktivism and Cyber Espionage. Hackmageddon is an excellent resource for tracking the numbers of actual attacks across the three categories and comes with good commentary too.

Kapersky Labs’ Cyberthreat real-time map is an incredible interactive map that shows in real time the scale of various cyber activities taking place across the globe. It rates the UK at the 13th most attacked country in the world and Ireland ranks at a lowly 86. Sometimes – it’s good to be bottom of the class.

In 2014 the online shopping giant eBay was hacked in the United States and the records of some 233 million users was stolen, including usernames, passwords, phone numbers and home addresses. What’s interesting about this cyberattack is that a hacker group called the Syrian Electronic Army claimed responsibility. The same fate befell Domino’s Pizza when another hacker group, Rex Mundi, stole over 600,000 Belgian and French records.

Cyberattacks are not necessarily complicated. We wrote back in April how one of our customers fell foul of a combined phone / phishing scam. In the greater scheme of things her $250 loss was modest but it gave rise to a deep sense of insecurity and fear of where the next online threat would come from.

The threat of cyberattacks is very real for small businesses particularly so as they generally do not have the support systems in place that larger companies do. Their online software security tends to be weaker. Why, well small businesses tend not to have a full time resource dealing with their hardware and software systems. They don’t have the budget either. This role is generally outsourced to a third party company whose responsibility it is to maintain the small businesses’ systems.

But here’s the key – you don’t need your expert IT third party to help you defend against the most common cyberattack threats 24/7. You just need to rigorously and assiduously pursue the following two points and you’ll go a long way to protecting your business from outside attack:

  1. Make sure that all your electronic communications are encrypted. From the off, encrypt all emails. This is easily done and once set up provides a layer of protection that is very difficult to penetrate.
  2. Encryption is of little use unless we use strong passwords. Document and communicate to all staff a strict password policy. We’ve championed password security in a previous blog such is its importance. If we take the path of least resistance we’ll let our staff use short, repeatable and very weak passwords. If we are to do the right thing then we must enforce longer, complex and more difficult passwords that are changed on the quarter. Also make sure that no one uses the same password across multiple platforms. Document your password security protocol and communicate it. It’s the only way.

As sure as night follows days the threat of cyberattacks will remain. As software and security specialists come to market with new improved software security products, the cyber criminals in turn, will up the ante and look to find ways to continue their illegal activities.

As small businesses we watch in awe at the scale and volume of the big software cyberattacks on companies such as Carphone Warehouse. As the bigger hacker groups target these larger companies, there are thousands of ‘bedsit’ hackers that are busy preparing cyberattacks on the millions of busy small businesses across Ireland and the UK.

Be vigilant, be prepared, be safe.

 

 

Marc O'Dwyer

After completing a Graduate program in Marketing, Marc’s impressive sales career began at Allied Irish Banks, Pitney Bowes and Panasonic where he received numerous Irish and European sales performance awards and consistently exceeded targets and expectations. In 1992, Marc’s entrepreneurial spirit led him to set up his own business, Irish International Sales (IIS). Initially, this company was a reseller for Take 5 Accounts and Payroll software. Within four years, IIS became the largest reseller of Take 5 in Ireland, acquiring four other Take 5 resellers. He also found time to set up two mobile phone shops under the Cellular World brand and a web design company offering website design services for small businesses. In 2001, he bought the majority share in a small Irish software business, Big Red Book. At that time, the company was losing money. The company became profitable within two months, and Marc then acquired a payroll company to compliment Big Red Books Accounting products. In 2003, IIS were appointed as Channel Partners with SAP for their new SME product, SAP Business One. Marc sold his Take 5 business and concentrated on developing this new market for SAP As a result, by 2007, IIS was recognised as the largest Channel Partner for SAP in EMEA (Europe Middle East and Africa). In 2008, the IIS Sales Manager bought the Company from Marc in an MBO. He launched Big red cloud in June 2012, the online version of big red book, to date the company successfully converts 59% of trials into sales and the number of customers is growing rapidly. Marc continues to run both Big Red Book and Big Red Cloud which now support 75,000 businesses. He is a very keen sportsman, having played rugby for 20 years, represented Leinster at under 16 and under 20 levels, and league squash with Fitzwilliam Lawn Tennis Club for 10 years. Marc has competed in 11 Marathons, including the London and Boston Marathons, and has completed several Triathlons and Half Ironman races. He has also completed six Ironman Races in Austria(x2), Frankfurt (Germany), Nice (France) , Mallorca (Spain) and Copenhagen (Denmark)

This site is registered on wpml.org as a development site. Switch to a production site key to remove this banner.