Security weaknesses have just cost British Airways £183 million.
In 2018, hackers carried out a “sophisticated, malicious criminal attack” on BA’s website. Personal and financial details were stolen from 380,000 transactions. Names, email addresses and credit card details, including CVV numbers, were taken.
Under GDPR rules, companies who allow others to access personal or identifiable data without the person’s permission can be fined. This includes data breaches.
Fines for data breaches are either €20 million or 4% of annual turnover, whichever is higher. BA has been fined on the higher end of the scale.
So, How Did This Happen?
Cyber-security expert Professor Alan Woodward told the BBC the hack most likely came via a script placed on the BA website.
Scripts can easily be placed by attacking weaknesses in websites or networks, to access customer data. Weak passwords, flash animations or Java applications can all be targeted to access websites.
Even customer service chatbots have been used to access data. Hacker’s used a Delta Airlines chatbot to access customer service databases to steal valuable data.
Do Leaks Just Happen Through Websites?
Computer networks are also vulnerable to data breaches. Hotel chain Marriott recently received a hefty £99 million fine after it failed to ensure IT systems were secure on their new acquisition, Starwood hotels.
In the early 2000s, Gary McKinnon hacked into the Pentagon and NASA by running a script to pick up weak passwords. According to the US, McKinnon caused $700,000 of damage.
The WannaCry ransomware virus targeted computers running Windows XP. They exploited a weakness that compromised the unsupported operating system. It just so happened that the NHS runs off of Windows XP. The whole network went down. Appointments and surgeries had to be cancelled.
So What Does This Mean for Small Businesses?
Cisco Annual Cybersecurity Report 2018 found that 43% of Cyber-attacks target small businesses. 60% of those businesses will be forced to close as a result. Each targeted business spent $2.2 million on average to fix the damage from the attack. And that doesn’t take into GDPR fines or customer compensation.
Network Security is vital.
While pouring money into something that “happens to other people” might seem like a waste of money, it could save you millions in the long run.
Top Small Business Security Tips
There is a lot of work that needs to go into making your network secure. But here are some top tips.
Make IT security office culture
Keeping a culture of IT security among your staff will be critical to your security success. Updating computer software can be a pain, especially when there are tight deadlines. Make sure your staff aren’t putting them off.
Proper training for staff will be necessary to keep your network safe. You could run a short seminar, or write a weekly IT newsletter that gets sent to staff. Make it fun, memorable and avoid death by PowerPoint.
Use a Hardware Firewall
Hardware firewalls are a fantastic way of keeping all devices on your network safe. They plug into the router and screen all traffic for suspicious qualities.
There are many fantastic firewall products on the market.
Cisco Firewalls use cutting-edge technology and research from its TALOS security branch. Cisco uses real-time reputation technology to spot attacks as they are released. They use this information to update the security to block malicious sites automatically.
WatchGuard Fireboxes aims to give small and medium-sized businesses enterprise-level security at an affordable price. Their main business focus is security, and they are one of the leading experts in the security field.
See our whole range of security products on the Comms-Express.com website.
Equip all computers with AntiVirus – and Keep it up to date!
Having a firewall isn’t enough on its own. Make sure your computers are equipped with Anti-Virus software. Anti-Virus software can give your computers an extra layer of protection, especially in the case of a virus entering via a USB stick.
F-Secure has a brilliant range of Internet Security, which protects against all kinds of threats, such as malware, WiFi threats and Ransomware.
Keeping your network safe and secure is of vital importance. Hacks are more common than you think. With the threat of GDPR fines hanging over companies, it’s critical that you keep your security plans up to date.
If you need help building your secure platform, you can talk to our experts today. Call free on 0800 488 000.