Cyber Security Part 2: Protecting your business against cybercrime
In the second of articles on cybercrime, we chatted with Charlotte Knill of the Northumbria Police Cyber Crime department, about how businesses throughout the North East can protect themselves.
BY HELEN BOWMAN
In the second of our short series of articles about cybercrime, we chatted with Charlotte Knill of the Northumbria Police Cyber Crime department, about how businesses throughout the North East can protect themselves against online attacks.
Charlotte, what kinds of cybercrime do you see happening throughout the North East?
My main area of business covers cyber dependent crime. These are crimes that are committed using a computer, computer networks or other forms of ICT. They are crimes that cannot take place without some element of technology being involved. They’re crimes like hacking, network disruption and stealing data.
They’re different from cyber enabled crimes, which are enhanced by technology but can take place offline as well as online. They’re crimes like bullying, grooming, fraud, harassment and stalking.
Our team, alongside those of Durham Constabulary and Cleveland Police, works with businesses in the North East to protect their data and systems against cyber dependent crime by offering nationally approved advice and encouraging businesses to report any cybercrime to Action Fraud.
What kind of advice do you offer to businesses and organisations?
When it comes to cybercrime there is so much to consider, and it can be difficult to ensure everyone in the UK is working in the same way to combat these kinds of crimes. That’s why we offer advice that is nationally approved. There are five simple steps that every business and individual should be taking to keep their data and devices safe:
Always question unsolicited messages to avoid phishing: Phishing has moved on in recent years. From physical letters in the past to text messages and emails now. They are unsolicited messages that invite you to check your bank details, say there’s a problem with an account, invite you to read a story about something unbelievable. Whatever the message, phishing emails and text messages invite you to click on a link or attachment which can then infect your computer or device with a virus or direct you to a rogue website.
We strongly advise people to always question any unsolicited messages and avoid clicking on any links or attachments. You can report a potential phishing email to the National Cyber Security Centre using the Suspicious Email Reporting Service. More information about this service and how to report a phishing email can be found here.
Two-factor authentication: Always turn on the 2FA on your most important accounts. This adds an extra layer of security to your accounts and makes it harder for cybercriminals to hack into them. According to the National Cyber Security Centre, 2FA is the single best thing we can all do to protect our important accounts. Most online apps and services will offer 2FA as an option – take it everywhere you can.
Update your apps and devices: Don’t ignore the little red icon notifications on your apps and devices to perform updates. They’ll make sure you’re benefitting from the latest and most secure version of apps and software to keep the cybercriminals at bay. Better yet, set your apps and devices to perform the updates automatically.
Back up your data: Perform back ups of your data and devices on a regular basis. That way, if you do fall foul of a cybercrime, you’ll have a recent version of all your data available instead of losing everything. Again, set your phone and devices to back up automatically.
Great advice. What happens if businesses and individuals have to use public Wi-Fi networks – perhaps during meetings?
We’ve all been in a situation when we’re between meetings, travelling or in a meeting in a café, restaurant or on public transport. The Wi-Fi on offer is often free and handy to crack on with some work. But always remember that the free networks often have limited or no password security.
It’s best to use mobile data if possible or install a VPN (Virtual Private Network) to protect your data from cybercriminals. A VPN allows you to provide a secure connection between devices in separate locations. They’re generally available in workplaces but individuals can download a VPN too.
There’s more information about using public Wi-Fi systems in this video from the Met Police.
What if, despite our best efforts, we fall victim to a cybercrime?
It can happen so easily so please don’t be embarrassed and try to ignore the problem. It really can happen to anyone. The first thing to do is report the cybercrime to Action Fraud at actionfraud.police.uk or call 0300 123 2040. Action Fraud will not only advise you on the next steps to take but will also feed details of the crime into a national database to help combat cybercrime in the future.
If the crime has led to large sums of money being stolen, report it directly to the police immediately to stand the best chance of getting the money back.
If you’d like more advice on protecting your business, contact the Northumbria Police CyberCrime department on [email protected]