In 2016, British firms were subjected to an average of almost 230,000 cyber- attacks according to the ISP Beaming. What are the most common cyber- attacks, how could a hacker cost you your business and how can you protect it? Plan Insurance explains.
A cyber-attack can have disastrous consequences, particularly for Small and Medium Enterprises (SMEs). A recent study from the US National Cyber Security Alliance found that 60% of small businesses that suffer a cyber-attack are out of business within six months.
Commercial vehicles are getting more complex and more connected, which makes them more vulnerable to cyber- attacks. If your fleet management system isn’t secure enough, or if a telematics control unit isn’t protected properly, hackers could gain access to your system and your data.
What are the most common cyber-attacks?
■ Email hacking/phishing – if someone in your company clicks on or replies to one of these, they may activate Trojan horse software which will operate on their web browser. Mirroring the key strokes of the user,the malware will inform the hackers of passwords being typed in. This method has been used to illegally withdraw significant amounts from online bank accounts. In many cases, the financial institutions in question have not accepted liability.
■ Email cloaking – an email is sent appearing to be from one of your employees requesting payment for an invoice which appears legit. The money is sent to the hackers account…
■ Ransomware/virus – like the ones who targeted the NHS recently, criminals working on the dark web have built sophisticated businesses with the sole aim of gaining control of companies’ technology networks and systems. They then send demands for payment in exchange for returning the status quo.
■ Password theft/breach – this enables sensitive data to be accessed and released. A disgruntled employee at the supermarket, Morrisons, did just this in 2015, costing the firm over £2 million.
■ Connected vehicles and the ‘Internet of Things’ – this threat is particularly real to the automotive industry. Connected vehicles are, in essence, computers on wheels. They hold a tremendous amount of data and connect to multiple systems via telematics, the fleet management system or diagnostic port. Hackers can access the on-board system to infect your network. And vice versa…
How could cyber-crime cost you?
■ ACV workshop owner – updating commercial vehicle software and plugging-in diagnostic equipment in your clients’ vehicles.
■ A commercial fleet manager – sending out reminders to your clients that their vehicles require their periodic inspection.
In each of these cases, you handle data. In May 2018, the government will implement the General Data Protection Regulation (GDPR), a new regulation which will impose more severe penalties for non- compliance and data protection breaches. The most serious violations could result in fines of up to £15.8 million or 4% of the turnover – whichever is greater.
How can you protect your business?
You should review your passwords protocol, firewalls/email quarantining process and ensure you are doing regular systems back-up. Also, ensure vehicle software is up-to-date and be extremely careful when modifying it, or when connecting third- party devices to the OBD port of a vehicle.
More information is available on the National Cyber Security Centre website, at www.ncsc.gov.uk. Cyber insurance can help protect your business in the event o fa data breach or a cyber-attack. You may also want the benefit of PR advice to minimise the impact on your firm’s reputation. The cost of this can also be included in your policy.