The Corona virus is currently all over the news, and the problem of cybercrime is no longer front-page news. Nevertheless, despite these hard times cyber criminals do not feel any scruples breaking into systems, even hospital systems.
In a few articles we will tackle this theme and update you on what is going on. We will deal with such aspect as awareness, prevention, legislation and real hacker attacks.
A well-known proverb is ‘prevention is better than cure’, and it not only applies to our health. Especially in the field of cybercrime many hacker attacks could have been prevented, and as a result much downtime in essential company processes could also have been prevented. When company processes break down, the costs are sometimes impossible to calculate. The problems are even further compounded when ransom money is demanded for freeing up a system again, as was recently the case with universities in Maastricht and Antwerp. And payments of ransom money are required to be a bitcoins, so it is impossible to trace the criminals by following the money.
Research by Allianz (Allianz Risk Barometer 2020) states that 39% of 2700 respondents worldwide says that the biggest business risk they run these days is a cyberattack.
Particularly SMEs underestimate the risk of cybercrime. They are heard to say that ‘we are not big enough’ or ‘our data are not interesting’. On top of that, their IT departments are often ill-equipped in case a cyberattack is launched. Here is one real-life example. Six months ago the access codes of the bank accounts of a dental clinic in Rotterdam were hacked. Tonnes of money were transferred to bank accounts in far-away countries. Fortunately, this involved purely money but not client data.
Irrespective of company size, good agreements in the field of data protection and cybercrime prevention have to be made. Prevention also means awareness among employees and management, so that attacks can be prevented. As long as it is people who sit behind a computer, it is these people who will have to be made aware of the constant and real dangers. Clear instructions are needed about what can and what cannot be done. The latter is e.g. not opening emails of strangers and not opening their attachments or clicking on links in their messages. This goes for when people work in the office but also when they remote work from home. Also on their private computers people should take the same precautions. Once inside a system, a hacker can easily hijack all sorts of data and work his way onto other networks.
So-called phishing emails do not only come in the form of emails, but also as text messages or WhatsApp messages. Often a request is made to log onto an account with a pin code or transfer money to an acquaintance in need.
How can we create security at home and at work? It is an illusion to think that 100% security is possible, but having said this, it is wise to be vigilant and use common sense. Emails from somebody unknown should not be opened but instantly deleted, after which the recycle bin has to be emptied. Text messages and WhatsApp should never prompt immediate action but should be analysed and verified, using common sense. Sometimes, in case of doubt, checking with a bank is very helpful. Trust is good, but checks are better. Cybercriminals should not be given a window of opportunity.