By Martin Lipka, Head of Connectivity Architecture, Pulsant
Cyber crime is on the increase – if you haven’t experienced it first hand, it is reported on almost daily in the media. The latest headlines are around Dixons Carphone’s data breach last year – instead of the reported 1.2m records stolen, the company has now revealed it was actually closer to 10m customers.
Apart from this being a PR nightmare, it has a huge impact on market confidence, customer trust and the bottom line. But Dixons Carphone isn’t alone; nearly 70% of large UK businesses experienced a cyber attack or data breach in 2017, while nearly half of all organisations fell foul of cyber attackers in the same period – according to the government’s Cyber Security Breaches Survey 2017.
The reason for this increase? There are several, including the use of cloud and other technologies, and the ease of carrying out an attack. You can simply buy one on the internet – welcome to the era of crime-as-a-service.
This concept is an interesting one. Yes, it sounds like something out of a Hollywood blockbuster or Netflix series, but it’s also something that’s becoming increasingly popular. Pop culture references aside, should businesses worry?
Without scaremongering, yes, organisations should be concerned. The rise of crime-as-a-service has made it easier for cybercriminals to plan and execute attacks. In the past they needed to have the skills (like coding) to do this themselves, but today they just pay someone to launch a DDoS, malware or phishing attack, procuring these services via the Darknet.
According to research done by Kaspersky Lab, DDoS attacks, for example, can be bought from as little as $5 (£4) for 300 seconds, to $400 (£304) for a 24-hour attack. Flipping that around, what are the costs for your business? The impact on customer trust is immeasurable. But putting a cost on downtime and you’re looking at anything from $123K (£94K) for SMEs, to more than $2m (£1.5m) for enterprises, also according to Kaspersky.
And it doesn’t stop there – US cyber security expert Armor reveals you can buy a password stealer for $50, an ATM skimmer for as little as $700, and even buy a hacking tutorial for $5.
So we know there’s a threat, we know it’s serious, but what are we doing about it? Despite the doom and gloom reported in the media, there are precautions you can take to protect your business and mitigate risk. While your business will never be 100% protected, you should focus on identifying issues, attacks and breaches quickly, and having a cyber security strategy in place that can help you deal with them. The aim is to minimise the impact and ensure you’re able to continue operating during and after an attack.
To find out how the team at Pulsant can help you, take a look at our Pulsant Protect offering.