Cyber security risk- a ‘dark cloud’ on the horizon

Why is cybercrime such an important issue?

If you are an organisation on the receiving end of a cyber attack you may suffer virtual paralysis of your business, widespread disruption, damage to the morale of employees, the reputation of the business and a loss of client confidence, lost revenue, senior management time costs, interference from regulatory and criminal investigatory bodies and litigation costs amongst other potential negative consequences.

Now more than ever, organisations should be asking themselves “Are we really safe?” because it’s rarely the actual technology that’s the problem rather the employees operating the technology. An environment which creates the opportunity for ‘people’ to commit cybercrime is created by ‘people’ through:

poor system design;
lax security procedures;
lack of robust policies and procedures.

SM&B have seen a big increase in clients reporting incidence of cybercrime. We have recently been instructed in cases involving hacking of email accounts with malicious intent, including financial fraud and business disruption, online attacks on reputation through social media, online copyright infringement and fraudulent commodity trading committed by a client’s employee.

Cybercrime is also commonly linked to terrorism and organised crime. One SM&B client had their email account hacked and payments diverted from their bank account to a potential terrorist organisation, resulting in a report to the National Crime Agency and consequential investigation.
Proposed corporate offence of “failure to prevent economic crime”?

The Attorney General has indicated in a speech to the Cambridge Symposium on Economic Crime that the government in considering proposals to create a corporate offence of failure to prevent economic crime. It will be vitally important for businesses to demonstrate that they have put in place reasonable defences to prevent economic crime. Undoubtedly the biggest risk to businesses in this respect is actions committed by employees and agents through electronic means.
The scope and impact of cybercrime

The official estimate of the cost of cybercrime to the UK is £27bn, but that figure has been greeted with widespread scepticism as being a huge underestimate. Leading experts have warned that cybercrime is a ‘dark cloud’ on the horizon for business development in the 21st century.

75% of all businesses in the EuroZone have been subject to at least one cyber attack and with the development of new and sophisticated methods. The threat to business is on the rise.

It is estimated that cybercrime accounts for a quarter of all global economic crime. It affects every individual and business, compromising the integrity of our data systems and potentially causing significant, traumatic, direct financial loss.

Often the information we need to investigate a breach can be held by third parties, such as an internet provider, or a website, and they may be disinclined to give up their customer information without a fight.

Even if an organisation is the victim of a crime they may find themselves on the wrong end of a civil action by a customer and face fines, payment of damages and legal costs.
What is cybercrime?

Cybercrime includes:

Online fraud, and forgery committed via electronic networks and information systems i.e. by imitation of internet and email domains or hacking;
The publication of harmful, illegal or false information via electronic media;
“Platform crimes”, which use computer and information systems as a platform for performing other crimes. For example, the use of botnets. (A botnet gains control of multiple computers and can order them to perform certain tasks remotely, such as sending spam, without the actual users being aware of it.);
Malware and virus attacks; and
Data theft, destruction or manipulation.

What steps can be taken to prevent cybercrime?

Here are some steps which you can take to reduce the risk of becoming a victim of cybercrime, and if the worst happens, ensuring damage is minimised:

Ensure your organisation has a robust data protection and IT policy in place;
Clearly communicate policies to all staff and record this;
Review your organisation’s IT security systems. This includes security software, data storage practices, hardware and data destruction policies;
Check the security and contractual terms of third party service providers as they may hold your data on insecure IT systems;
Put in place a crisis management team consisting of the personnel with the right skills to deal with an attack or security breach and key emergency contacts;
Adopt a step by step crisis management action plan which includes details of everyone’s specific roles;
Ensure your organisation has the right insurance cover and that the crisis management team is fully aware of the insurer’s notification requirements.

SM&B’s security package to combat cybercrime

SM&B have developed an all purpose security package for businesses concerned with the risk of cybercrime. We offer the following services which we can implement working alongside you to meet your specific business needs:

Stage 1: A full audit of your compliance policies, procedures, data and IT security and third party arrangements;

Stage 2: Help with developing new policies and procedures going forward;

Stage 3: Key staff training on compliance and crisis management;

Stage 4: Assisting in the development of a crisis management team;

Stage 5: Direct advice hotline and crisis management assistance;

Stage 6: Post incident investigation, enforcement, reputation management and public relations strategy.
SM&B’s crisis management package

Immediate advice: The advice you receive immediately after a crisis is often the most important. We can offer specialist advice on employment issues, litigation advice, reporting requirements, and how to avoid compounding liability.

Investigatory services: Once a breach occurs your main concerns will be to 1) recover any assets or information which may have been stolen; and 2) track down the perpetrator. We can investigate a breach to obtain vital evidence to trace assets and the identity of the perpetrator, while minimising business disruption and avoiding “tipping off” where an internal breach is suspected.

Enforcement: Once evidence is gathered often court action is required. We can follow through our investigations with the necessary applications to freeze assets, obtain information from third parties (such as ISPs) and commence a claim.

If you wish to discuss anything in this article or any specific needs your organisation may have please do not hesitate to contact Makbool Javaid or David Phillips.