Cyber Risks: a common threat for business

The National Cyber Security Centre, UK (NCSC) had alerted that the technical skills required to commit cyberattacks continue to decrease and that malware devices are easily acquired on the dark web which means “the number of individuals capable of launching basic cyberattacks is increasing” (NCSC, The cyber threat UK business, 2016/2017).

As reported by the NCSC (The cyber threat to UK business, 2017-2018 report) ransom Distributed Denial of Service (DDoS) attacks have increased since mid-2017 when a South Korean web hosting company paid a ransom fee in Bitcoin equivalent to US$ 1 million. The hacking group Phantom Squad threatened financial institutions, hosting providers, online gaming services and Software-as-a-Service (SaaS) organisations in Europe, Asia and the US and demanded a ‘re-instatement of services’ payment in Bitcoin.

It appears that Bitcoin is a ‘reliable’ tool for money laundering and computer crime.

Criminal groups may target not just one company, but a whole branch or branches of various industries such as financial services. Phishing e-mails may be used to gain access to computer systems, including databases, and thus steal customers’ data. Moreover, the business email compromise (BEC) may be used by the criminal to impersonate a senior executive and thus deceive an employee or a customer into believing that a transfer of funds or information is ordered or requested by an authorised person.

The problem is further exacerbated by the fact that centralised uniform databases and applications of international or global corporations are accessed by employees who work remotely from the office locations. Under such circumstances, there are fewer possibilities for maintaining the security of computer devices, which again may lead to vulnerability of the data protection.