Learning how to avoid being a victim of crime is an important life skill. At school you learn to lock your locker securely and not allow other people to see what the combination numbers are. You would not leave an expensive or favourite coat hanging up unwatched in the cloakroom and you would not broadcast how much money you were carrying in your pocket.
As you get older, you learn that when you hear about a ‘too good to be true’ deal, it is most unlikely to be true. You know that someone calling at your door unexpectedly might not be who they say they are, and if you buy a gold watch in a street market, the gold might wear off in a week or two. Perhaps you learn some self-defence, carry pepper spray, install a burglar alarm or get a guard dog. You might simply avoid people and places where you feel at increased risk. Although it is always possible that you could become a victim of crime, there are some basics you can do to minimize that chance.
The same is true of cyber-crime
When you connect your computer or phone to the internet, you are in the cyber world where many criminals are seeking to commit crimes just like the real world. In the same way that you probably now take for granted, you will need to learn about key basic procedures to protect yourself.
Similar to locking your doors and padlocking your bike, using secure unique passwords are essential to stop unauthorised people entering your accounts. Other security measures are enabling your computer’s firewall, installing anti-virus and updating your software.
Comparable to having building and content insurance and installing smoke alarms, backing up your data ensures you can’t lose everything if you are hacked or ransomed.
Akin to being suspicious of strange and unusual callers, and double-checking people’s ID, be suspicious and on high alert for strange seeming emails and other messages. Never click on a link that is sent to you unless you are expecting it and are sure it is reputable.
Just as you would stay away from dodgy areas when you are walking home, be cautious about the websites you visit and the origin of the software that you install.
What is cyber-crime?
Cyber criminals are people who commit crimes online, the crimes are frequently different types of theft and fraud. The valuable commodity online is personal information, this includes details such as your name, address, date of birth, payment card and bank details and username and password. This information can be sold for a lot of money to other criminals who can use it to set up accounts in your name, commit crimes and financial fraud in your name and run up thousands of pounds in charges that you are responsible for.
Just like a regular scammer, cyber criminals can send very sneaky and convincing emails to people pretending to be their bank, HMRC, PayPal or their boss. They can send out emails from your email account pretending to be you! Within the email is a link that once clicked, could download malware* to steal, destroy or lock up the computer’s data. It is also common for these ‘phishing’ emails to try to take you to a phoney website or call centre, where you will be asked to enter your personal information in a fake authentication process. This is how the criminals steal your details. Be alert to these scams and delete suspicious emails and hang up on suspicious phone calls. *Malware is software designed to cause harm.
Criminals are even able to take control of your computer without you realising and use it to send spam or attack other computers.
When someone online takes action against you or your computer with the intent to cause harm, we call that a cyber-attack. Most cyber-attacks are launched randomly and in an untargeted fashion from unsophisticated computers. This means that you could easily find yourself under attack despite not believing yourself to be a target. These attacks are seeking the easiest access points and may identify targets for further attacks. Most of these attacks can be thwarted by having some basic controls or safeguards in place and learning some simple good habits.
The National Cyber Security Centre is a Government organisation that offers support and advice to individuals and businesses about how to stay safe online. Check out their website for further information.
As more of our information and activities go online, cyber security has become a necessary part of life that keeps us safe from crime. Just like learning anything new, it can be broken down into small steps and implemented in bite sized chunks. Businesses of all sizes are at particular risk of cyber-crime and would benefit from working towards Cyber Essentials which is a Government approved scheme. By implementing just five core controls that protect against most cyber-attacks, businesses can ensure they are on the right track as well as demonstrating to their customers and suppliers that they are serious about cyber security.
This article has been written by IASME. The IASME Governance standard was developed over several years during a government funded project to create a cyber security standard which would be an affordable and achievable alternative to the international standard, ISO27001. The standard allows small companies in a supply chain to demonstrate their level of cyber security for a realistic cost and indicates that they are taking good steps to properly protect their customers information.