Small firms need to be vigilant against cyberattacks

More regional SMEs than ever before are making cyber security a priority following the recent ransomware attack on the HSE, according to IT security expert Gavin Dixon from BITS.

Dublin, Kilkenny and Carlow-based BITS (Business IT Solutions) said the company had noticed a worrying rise in the number of cyber threats and attempted digital fraud against companies across the South East region.

However, Dixon explained that the the cyberattack on the HSE has really heightened awareness amongst regional firms that IT security should be an investment rather than a cost.

“For a long time, there was a misconception that cybercriminals didn’t target smaller businesses, that they were only interested in larger organisations”

Inundated with calls from companies in recent months concerned about their cyber security, BITS recently increased its workforce to more than 20 people for the first time ever and is continues to grow its workforce to cope with the demand from the regional SME sector.

Impact of HSE attack

“For a long time, there was a misconception that cybercriminals didn’t target smaller businesses, that they were only interested in larger organisations”, said Dixon.

“With more and more SMEs now trading online and employees working remotely, they are often easier to target because they have limited IT security measures in place”

“But the impact of the attack on the HSE, coupled with the fact that so many people are regularly being targeted through their personal and professional phones and emails for phishing scams, has heightened awareness that they are also vulnerable to data breaches and could be the victim of a cyberattack.

“SMEs are correct to be concerned. We have encountered a dramatic and quite alarming increase in cyberattacks on smaller companies in the region over the past year and a half.”

Dixon said that digitisation as a result of the Covid-19 pandemic significantly increased their exposure to risk from hackers.

“With more and more SMEs now trading online and employees working remotely, they are often easier to target because they have limited IT security measures in place. And all the data would suggest that this trend will continue, the attacks will become more sophisticated as technology develops. The adverse impact of a cyberattack on a small business can be catastrophic, resulting in not only financial losses but also serious reputational damage caused by data breaches. In ransomware cases, it’s effectively a case of someone breaking into your house, changing the locks and then you have to pay them to give you the keys, or get a new house.”

Cost-effective steps to defend against cyberattacks

Dixon said there are some simple, cost-effective steps that company owners can take to prevent and respond to cyberattacks, such as training all staff to be alert to phishing scams.

“Human error can be a major factor in data breaches and, more and more, we’re getting calls from companies in the region where a cyberattack originated with a staff member innocently clicking on an infected link.

“Cyber security needs to begin at a cultural level and the human firewall remains a company’s most effective form of security. However, though staff training can reduce danger, it is no substitute for an effective IT security system.

“Smaller companies can no longer assume they’re too small a target. While institutions like the HSE make the biggest headlines, SMEs are disproportionately targeted by cyber criminals. The unfortunate truth is that any business – whatever its size – has to assume themselves a target. Not least when cybercrime is as profitable, prevalent and predatory as it has become.”

By John Kennedy (john.kennedy3@boi.com)

Published: 18 June 2021

Recommended