In the last 12 months, businesses in the South East continued to experience cyber attacks with 340 cybercrime incidents reported to Action Fraud alone, although we know that this is only the tip of the iceberg as many crimes go unreported.
Since January 2020, the total reported losses to businesses are in excess of £500,000, on average the annual cost for businesses that lost data or assets after breaches was £8,460.
With cybercrime continuing to be massively underreported across the region, it’s likely that the real figure is much higher and many of the ones that were reported did not include details of financial losses and did not account for the potential lost business, IT resourcing to deal with incidents and the costs of recovery.
The COVID-19 pandemic significantly increased the amount of time we have all been spending online, so unsurprisingly there were peaks in cybercrime activity during April and May which coincides with the first COVID-19 lockdown.
Worryingly, between January and March 2021, cybercrime offences committed against businesses increased in several of the higher-harm offence categories (Ransomware, DDOS and Data Breaches). The key industries impacted by the more severe cyber incidents were the arts, entertainment and recreational industries.
These offences involved cyber criminals obtaining money or data through the likes or ransomware or by gaining access to business systems through confidential information exposed in data breaches.
Ransomware remains the primary disruptive threat to organisations in the South East region. Over the previous financial year there were a total of 46 ransomware incidents reported.
Darkside ransomware has been the most common ransomware variant detected in the previous quarter with three reported incidents. This type of ransomware works as a double ransom, with one payment to unencrypt data and a second payment required to prevent breached data being publicly released.
The group behind DarkSide ransomware also exert pressure on businesses to pay ransoms by distributing press releases and naming companies that have been compromised and are slow to meet their ransom demands.
Businesses were also faced with high levels of attacks where the organisation’s email or social media accounts were compromised.
Another threat trend in the previous quarter has been WhatsApp account takeovers targeting business accounts. Offenders are exploiting how WhatsApp uses two-factor authentication.
How do cyber criminals exploit WhatsApp?
If you add a new device to a WhatsApp account, it requires a code that is sent to the WhatsApp account associated with the original phone number. However, it is becoming apparent that offenders are commonly using social engineering methods to obtain this code and add their own device.
To help businesses outsmart cyber criminals and toughen up their cyber security, the South East Cyber Resilience Centre (SECRC), has been established to provide businesses and organisations, with an affordable way to access cyber security services and consultancy to help improve cyber
The SECRC offers a range a membership options depending on what level of support businesses in Hampshire, Surrey, Sussex, Oxfordshire, Berkshire and Buckinghamshire need.
Businesses in the South East can sign up for free Core Membership online and receive a welcome pack full of practical resources and tools that will help you identify your risks and vulnerabilities and the steps you can take to increase your levels of protection. Through your membership, you will also get regular updates on new threats, designed to help you stay safer.
Find out more via the membership page.