Cybercrime is constantly evolving and changing. As hackers and criminals become more sophisticated in their techniques, the defences against them have to become stronger and broader. Hacks and data breaches regularly made the news throughout 2018 with phishing, malware and ransomware, so what can be expected as the major issues for businesses and individuals this year?
From new versions of well-known cybercrimes to the unexpected fallout of laws and regulations, here we take a look at some of the major cyber security concerns that you need to look out for across 2019.
If you’ve never heard of BEC attacks, you might be surprised to learn that they have cost businesses over £9.5 billion since 2013, according to the FBI. BEC stands ‘business compromise attack’ and it is a type of phishing that looks set to be even more of a danger to companies in 2019. In a traditional phishing attack, cyber criminals might send a genuine-looking email requesting log-in details.
In a BEC attack, a cyber criminal gains access to the email account of someone within a business and then sends emails from that account with invoices requesting payment and providing bank details apparently on behalf of someone else. The scammers go to impressive lengths to make the attack appear like a genuine request and it can be difficult for individuals to notice.
There have been a number of high profile BEC attacks including Italian football team Lazio who were defrauded €2 million during the transfer for defender Stefan de Vrij.
On paper, Brexit should have no effect on cyber security. The UK is transposing the EU’s data protection law – the GDPR – into British law known as the Data Protection Act 2018, so fundamentally, British individuals should have the same protections they currently enjoy, and businesses should need to follow the same regulations as before.
However, there are a number of things that Brexit could affect. For example, there could potentially be bureaucratic loopholes created by the confusion surrounding the new situation – these could be exploited by criminals. Additionally, it will be harder to police cyber-crime in the UK because of less co-operation and information sharing available.
The lack of understanding around Brexit could also mean that British businesses appear an easy target to hackers.
When we think of cyber security concerns it is easy to think of the problems being limited to data loss, financial theft, downtime and infrastructure issues. But in 2019, businesses need to also be concerned about the effect that a cyber-crime can have upon SEO. Remember that your search engine rankings are carefully built up over a number a years, but a single hacking incident can cause you a huge range of problems that can see you falling in your positions.
“Businesses generally have a very relaxed attitude towards the vulnerabilities and security of their websites”, commented Justin Aldridge, Technical Director at Artemis Marketing. “Over 30% of all websites use WordPress which if not kept up to date can be an easy route in for hackers to take over the website, change it and destroy its rankings in search engines.
A hacked website can take a significant amount of time to clean up and the negative impact on search rankings can take months to fully recover. The resulting negative commercial impact on a business can be very significant and often, disastrous.”
No-one knows exactly how Google’s search rankings are calculated, but sites can be flagged if they are hacked which will undoubtedly count as a negative ranking factor. Hacking sites also often have their content changed – losing your high quality can also see you plummet in the rankings. And, of course, any downtime for your site is seen as a problem too.
There is a cyber security skills gap – and it’s growing. In fact, there is predicted to be a 3.5 million shortfall in cyber security professionals by 2021. These skills gap has a double effect – firstly, it becomes prohibitively expensive for businesses to hire cyber security professionals, and secondly, it leads on to companies being vulnerable. With Brexit potentially making it harder to attract cyber security talent from Europe, this will be a growing problem for the UK in 2019.
Cryptojacking is another less-known form of cyber crime that is on the rise. It is set to be a major problem for businesses and individuals across 2019. Cryptojacking occurs when cyber criminals take control of resources, but rather than stealing data or infecting them with viruses, they simply use their computing power to mine cryptocurrency.
Whilst this might not seem like a big deal, it can seriously slow down machines decreasing productivity and creating problems with the rest of a business’ IT infrastructure.