Business and Cyber Crime are two areas that have become increasingly problematic not just locally but on a global scale. Along with the traditional threats, businesses must now contend with the invisible threat to their online activity as well.
According to Warwickshire Police and the National Police Chiefs’ Council, business crime is defined as:
“Any criminal offence that is committed against a person or property that is motivated by the connection of that person or property to a business.”
Business crime features as a priority for Warwickshire Police and Crime Commissioner. In the last 2 years there has been a decrease in the numbers of business related crimes, from an average of just under 553 business crime offences per month in 2016, to an average of 300 offences per month in the last 12 months (October 2017 – September 2018) across the whole of Warwickshire.
It is acknowledged by Warwickshire Community Safety Partnership (CSP) as a cross-cutting theme within their CSP priorities.
“I am truly pleased that the team has been able to achieve an important part of this journey and I will continue to drive forward a collaborative approach to addressing business crime across Warwickshire.”
– Bogdan Fironda, Business Crime Advisor
When it comes to cyber-crime, there are a variety of definitions that have been constructed and still some debate over a definition of substance. Warwickshire Police’s definition suggests that:
“An offence should be flagged as cyber-enabled where the reporting officer believes that on the balance of probability, the offence was committed, in full or in part, through a computer, computer network or other computer enabled device.”
Cybercrime is an umbrella term used to describe two closely linked, but distinct ranges of criminal activity. The Government’s National Cyber Security Strategy 2016-2021 defines them as follows:
- Cyber-dependent crimes– crimes that can be committed only through the use of Information and Communications Technology (ICT) devices, where the devices are both the tool for committing the crime, and the target of the crime (e.g. developing and propagating malware for financial gain, hacking to steal, damage, distort or destroy data and/or network or activity).
2. Cyber-enabled crimes– traditional crimes which can be increased in scale or reach by the use of computers, computer networks or other forms of ICT (such as cyber-enabled fraud and data theft).
The National Crime Agency (NCA) has put together an online safety guidance addressed to both individuals and businesses:
Hacking is the primary method for infiltrating networks. Through the injection of specialist software, hackers seek to gain unauthorised access to computer networks and systems and take administrative control of these.
Successful hacking attacks can compromise data stored on the network of individuals, products, strategic plans, sensitive data and commercial data. This data is often then sold on to fraudsters.
Hacking also has the potential of putting the operation of systems which control physical infrastructure at risk.
Distributed Denial of Service (DDOS) attacks
DDOS attacks prevent legitimate access to online services by swamping the communications links with a mass of traffic so that users are unable to access the service as it cannot handle the volume of incoming traffic.
These attacks are usually undertaken through the use of botnets – a group of compromised, controlled computers which involuntarily send messages simultaneously to the computer or server.
From a business perspective, DDoS attacks can cause data and revenue loss, compensation of damages, lost work hours/ productivity, reputation damages and disappointed users that may never return.
Ransomware is a growing cyber threat to both individuals and businesses. Ransomware is a type of malware that locks your computer or mobile device and encrypts your files. When this happens the only way you can get access to your files is to pay a ransom. If you’re a victim of ransomware – do not pay. There is no guarantee you will get your files back.
The No More Ransom project offers decryption keys for many different types of ransomware. Visit the No More Ransom website for advice on protecting yourself from ransomware and what to do if you’re a victim.
Remote Desktop Protocol (RDP) attack
To maintain the networks that support this type of working arrangement, many small and medium-sized enterprises (SMEs) rely on off-site tech support teams using remote desktop protocol (RDP) to diagnose and repair network problems. RDP allows for secure network communications between a terminal server and a terminal server client. It is commonly used by network administrators to remotely access virtual desktops and applications.
Using RDP does carry a certain level of risk, particularly because unguarded remote desktops are quickly becoming the favored point of entry amongst hackers. Sadly, many companies are leaving themselves exposed by not following a few simple security measures.
In an RDP brute force attack, hackers use network scanners such as Masscan (which can scan the entire Internet in less than six minutes) to identify IP and TCP port ranges that are used by RDP servers. After tracking one down, the criminals try to gain access to the machine (typically as an administrator) by using brute force tools that automatically attempt to login over and over again using countless username and password combinations. During this time, server performance may take a hit as the attacks consume system resources.
Once an attacker has access via RDP, they can do pretty much anything within the hacked account’s privilege limits. Criminals who have gained administrator access can do more or less anything they want, including disable antivirus software, install malware, steal company data, encrypt files and much more. As you might imagine, this level of disruption can have an enormous impact on a company’s reputation, finances and day-to-day operations. While some cyber criminals simply want to create chaos, many launch RDP attacks with set goals in mind, that is stealing and causing internal issues to companies.
Keylogging is the process of secretly recording keystrokes by an unauthorized third party. This software is often used for malicious purposes such as stealing passwords, financial and personal information, as well as for business espionage.
Phishing refers to the process of deceiving recipients into sharing sensitive information with an unknown third party (cyber criminal). Despite many tools in place to prevent them, phishing attacks continue to be a menace to individuals, employees and businesses. When phishers launch attack, they usually set up a malicious landing page that closely resembles the web page of a trusted brand or stakeholder. This makes it easier to convince victims into responding to a call-to-action, such as clicking on links, downloading and filling out forms.
Spam is unsolicited bulk email, the electronic equivalent of junk mail that comes to your inbox.
Trojans are malicious programs that pretend to be legitimate software, but actually carry out hidden, harmful functions. These can be used in a number of ways, deleting data, creating back-doors around security processes or sending spam emails.
Malicious software commonly known as ‘malware’ affects businesses on a daily basis. It disrupts IT and computer processes and in extreme cases can delete, steal or hold to ransom valuable business and personal data, such as the ones mentioned above.
Malware can be thwarted by firewalls and cyber security but by being vigilant and understanding how different types of malware work can help prevent your computer and network becoming infected, hence keeping businesses and individuals safe online.
To get an idea of the extent of the problem, Warwickshire Cyber Safe team conducted a Survey in 2017 into Cyber Crime. They found that 59% of people surveyed felt at risk online, 15 000 had been a victim of phishing scams in the last 12 months and 30 000 of these fell victims to viruses and malware. Compared with the previous survey, this survey identified lower numbers of people who do not know how to protect themselves online. A total of 8.8 million has been lost to cyber crime in 2017.
According to the Regional Organised Crime Unit, ransomware accounted for just below 50% of all live cyber reports received by Action Fraud in September 2018. Remote Desktop Protocol (RDP) attacks continue to be the most common infection method throughout September 2018. Reports concerning DDoS also increased with reports of multiple DDoS attacks targeting businesses and government bodies. Data breaches have remained a trend in the last couple of months, employees and subscribers losing their privacy to cyber criminals who use their personal information such as email address, date of birth and home addresses for illegal purposes.
Business Watch is here to help businesses guard against the threat, committed to identifying gaps and tackling this problem through partnership working.
The aims of the Business Watch Project include:
To identify and promote effective techniques for successfully engaging business communities to enable them to become more self-resilient in preventing and deterring crime.
To gain the confidence of the public to report crimes to the police and other organisations, establish a true picture of business crime and ultimately reduce crime and the fear of crime.
To develop and support Business Watch website for Warwickshire business community, providing information and advice on business related crime; Twitter account is also set up.
To work with partner agencies to increase membership in our business communities.
To develop a Countywide Business Watch Scheme using best practice enabling information to be circulated to members.
To support Police Safer Neighbourhood Team staff in the business areas by providing training and tool kits for them to use.
Advice regarding Business/Cyber Crime
When it comes to increasing your security online, there are a variety of sources of information which assist in doing this so that you can concentrate on running your business with peace of mind. Prevention is far better than reacting to the problem.
Cyber Essentials: www.cyberessentials.ncsc.gov.uk
Cyber Streetwise: www.cyberstreetwise.com
Get Safe Online: www.getsafeonline.org
Trading Standards: www.warwickshire.gov.uk
Trading Standards/Cyber: www.tradingstandardsecrime.org.uk
Warwickshire Cyber Safe: https://www.cybersafewarwickshire.com/
Warwickshire County Council have a Business Crime Advisor in post who is funded through the Police and Crime Commissioner and who will be developing training packages, resources and acting as a single point of contact for businesses regarding business and cyber crime across Warwickshire.
More advice could be found on Traditional, Cyber and Seasonal Crime pages. The downloadable PDF documents provide a useful guide on how to keep yourself and your business safe.