Small and medium sized businesses are being warned to take note as a company which suffered a cyber attack is fined £60,000 by the Information Commissioner’s Office.
The ICO’s investigation found:
- The firm failed to carry out regular penetration testing on its website that should have detected errors
- The firm failed to ensure the password for the account on the WordPress section of its website was sufficiently complex
- The firm had some information stored unencrypted and that which was encrypted could be accessed because it failed to keep the decryption key secure
- Encrypted cardholder details and CVV numbers were held on the web server for longer than necessary
The ICO has a range of guidance available to help businesses ahead of the implementation of GDPR on 25 May 2018.
To read the rest of the article and look at what advice the ICO has on the upcoming GDPR visit: https://ico.org.uk/about-the-ico/news-and-events/news-and-blogs/2017/06/warning-to-smes-as-firm-hit-by-cyber-attack-fined-60-000/
For more advice on specific cyber crime prevention topics, visit the ‘Advice Sheet’ section of the Warwickshire Business Watch website.
Warwickshire County Council’s Community Safety Team and the Office of the Police and Crime Commissioner recently asked Warwickshire businesses and residents if they were #wifisavvy as part of Safer Internet Day 2017.
The #wifisavvy campaign asked residents to think about how they access free wifi connections when they are out and about in the county. The scheme was piloted in Warwick and was a resounding success. It saw businesses that offer free wifi displaying posters with a commitment to their customers that:
- They have changed the admin password of their router from its default setting;
- They have disabled remote management to the router completely;
- They are committed to using reliable encryption (WPA2 as minimum); and
- They ensure that their router is regularly updated with the latest software.
In addition to this, all customers were advised:
- To be aware of their surroundings, to make sure no one is watching them type when using wifi in public locations;
- To get the correct Identification for public wifi to ensure that they do not inadvertently access spoofed or insecure wifi connections;
- To keep their internet security up-to-date and to always use a firewall; and
- To avoid using free, public wifi to do things like personal banking or online shopping.
A number of cafés, pubs and business centres in Warwick are already involved in the scheme.
The campaign is now being rolled out across the County and the team are asking businesses that offer wifi to look at how this is managed and get involved with the campaign.
Cllr Howard Roberts, Warwickshire County Council portfolio holder for Community Safety, said:
“It has been heartening to see the level of engagement from businesses in Warwick with the #wifisavvy campaign which has put the town well on track to becoming totally aware of the issues associated with offering free wifi.
“Now that this initiative is rolling out to the whole of the Warwickshire, it would be fantastic to see us as the first totally #wifisavvy county in the UK.”
If you are a business that offers wifi and would like to display the #Wifisavvy poster and window sticker please get in touch with the Warwickshire’s Business Crime Advisor firstname.lastname@example.org
If you would like more information on the scheme, visit the Advice Sheet section of the Warwickshire Business Watch website www.warwickshirebusinesswatch.co.uk
Warwickshire has been revealed as the UK hotspot for fraud against shops, based on latest information from consumer watchdog Which?. They collated the data, which came via a Freedom of Information request.
The information shared demonstrated that while the national average for this fraud type is 3.34 reports per 10,000 people, in Warwickshire this figure was 15.67 per 10,000 people – nearly 5 times the national average.
Warwickshire also had above national average reporting for:
– Computer Fixing Fraud = 11.64 reports per 10,000 in Warwickshire
– Fees of Fake Services Fraud = 10.65 reports per 10,000 in Warwickshire
– Cheque, Plastic Card and Online Bank Fraud = 7.64 reports per 10,000 in Warwickshire
– Fake or Stolen Products Fraud = 6.77 reports per 10,000 in Warwickshire
– Door to Door Scams = 2.36 reports per 10,000 in Warwickshire
– Regular Payment Fraud = 2.35 reports per 10,000 in Warwickshire
Fraud Against Shops
Although this directly affects retailers, it can also impact consumers; many shops now have access to large amounts of customer data that could end up in the hands of fraudsters.
What Can You Do As An Individual?
Check that the sites you use for online shopping are encrypted – look for the padlock symbol and the prefix ‘https’ in the address bar.
Be cautious when sharing personal data with shops – do you really need to sign up to every mailing list?
Other National Hotspots
- Northamptonshire residents are most likely to report suffering online shopping and auction scams – it affected 21.6 victims per 10,000 compared to 16.9 nationally.
- Those living in Dorset fall for computer virus, malware and spyware fraud with 15,561 reports from 2014 to 2016.
- London is the fraud capital of a range of scams, including 16,249 reports of social media hacking
If you are a Warwickshire business, and would like any more information relating to keeping yourself safe from all crime against businesses, go to the Warwickshire Business Watch website.
Infosecurity Magazine have been discussing Shred-it’s seventh annual Security Tracker research which found that 84% of small UK business owners are unaware of the forthcoming General Data Protection Regulation (GDPR).
The firm surveyed 1000 owners of small companies in the UK and discovered that whilst 87% claimed to have at least some understanding of their industry’s legal requirements, just 14% were able to correctly identify the fine associated with the new regulation – up to €20m or 4% of global turnover.
To read the full article visit: https://www.infosecurity-magazine.com/news/more-than-half-uk-business-unaware/
Statement from Assistant Chief Constable Martin Evans: “Following the tragic events in Manchester on Monday evening, the Prime Minister has increased the UK threat level to critical.
“Operation Temperer, the deployment of military personnel alongside and in support of police firearms officers, has also been authorised.
“This will enable armed officers from certain guarding duties to release officers across the UK to support the wider national response. This is part of an agreed and well rehearsed national plan and where they are deployed, military personnel will remain under the command and control of the police service.
“Along with our partners we continue to do everything we can to help protect our communities. As you would expect, we are reviewing our activities, including those in crowded places and for pre-planned events and whilst at this time there is no intelligence to suggest a specific threat in Warwickshire we are continuing to provide a visible policing presence to offer reassurance to our communities.
“We have an established plan in place if it is necessary to manage the deployment of military personnel in Warwickshire and our security measures and activities are under constant review to reflect where the threats exist and the level of threat we are facing in the county.
Read the full statement on the Warwickshire Police website: https://www.warwickshire.police.uk/article/33086/National-security-state-raised—Warwickshire-Police-response
The British Chambers of Commerce carried out a Digital Economy Survey at the start of the year and have recently released the findings. The survey found that 18% of businesses with fewer than 99 employees and 42% of businesses with more than 100 employees have been a victim of cyber crime in the past year. In addition to this, only a 24% of businesses have cyber security accreditations in place.
To read more of the results visit: http://www.britishchambers.org.uk/press-office/press-releases/bcc-mainly-big-business-hit-by-cyber-attacks,-but-all-need-to-improve-security.html?platform=hootsuite
The Managing Director of a company held to ransom by hackers has warned other bosses to protect themselves against cyber crooks – or run the risk of web sharks crippling their businesses. The ‘ransomware’ attack on the Warwick-based business serves as an important reminder to back up all of your data.
Read more about the incident on the West Midlands Police website: https://www.west-midlands.police.uk/latest-news/news.aspx?id=5589
Take Five is an awareness campaign led by Financial Fraud Action UK and its members including partners such as Cifas and City of London Police. Take Five urges everyone to stop and consider whether a situation is genuine and to stop and think if what you’re being told really makes sense.
Today, Thursday 16th March, is Take Five Day and financial institutions, Police and Action Fraud amongst many others are supporting the campaign to encourage people to stop and think, both individuals and businesses.
Visit the Take 5 website for specific advice in relation to protecting your business which also houses a range of resources and videos – https://takefive-stopfraud.org.uk/advice/
Warwickshire Business Watch website
The Warwickshire Business Watch website hosts a range of Advice Sheets on a variety of crime prevention topics. It also houses a list of useful links and contact details for the team. The Events, News and Incident Log pages are updated regularly and these articles are sent automatically to those signed up to the Keep Me Posted Alerts.
The website’s homepage offers the ability to sign up to the Police Community Messaging Service (CMS) Alerts and the Warwickshire County Council Keep Me Posted Alerts.
Twitter – @WarksBusiness
The Warwickshire Business Watch twitter feed is used to interact with businesses; sending out key crime prevention messages. It also posts anything that is added to the News, Incident Log and Events pages of the website.
Thank you to those who utilise the Warwickshire Business Watch website, Twitter feed and Alert system, whether that is the Police CMS or Warwickshire County Council Keep Me Posted Alerts.
If you’d like more information on Warwickshire Business Watch please contact the Business Crime Advisor at email@example.com or on 07920814897.
Warwickshire Police have issued a warning that counterfeit £5 notes are in circulation and have released some advice to help identify genuine notes.
Here are six ways to make sure your £5 is genuine:
- Check the see-through window and portrait of Queen Elizabeth
- Check Big Ben is gold on the front of the fiver and silver on the back
- Make sure the foil patch changes from “Five” to “Pounds” you tilt it
- Check the crown appears to be 3D when you wiggle the note
- Use ultra-violet light to check if the “5” appears on the bottom left of the note
- Check the green foil patch contains the word Blenheim
If you’d like to read the advice on the Warwickshire Police website, please visit: https://www.warwickshire.police.uk/29742