Posts

Limiting the Impact of Cybercrime

This new crisis of Covid-19 presents a number of unforeseen challenges to companies, with many needing to create a new standard for working remotely, or where this is not possible the requirement becomes to seek funding, reduce employee numbers/hours or close temporarily.

One of the more unexpected challenges of this time is the resurgence of cybercrime. Cyber criminals tend to utilize major news events as an opportunity to mount a criminal campaign and the Covid-19 crisis is no different. This campaign can take many forms. One of the most common at present being the false emails issued regarding a change of banking details, luring the receiver into issuing payments to the wrong account at what is already a deeply difficult time for companies.

Des Ryan, solutions director for Microsoft Ireland has explained this new resurgence is an attack of opportunity as cyber criminals tend to prey on events which may weaken the defences of a business, in this case the shift to remote working situations.

“Cyber criminals are opportunistic […] we are definitely seeing Covid-19 related attacks as attackers are just using this to find the weak link.”

It is also suggested that cyber criminals are merely adapting their usual tactics to profit from the current crisis. The current breed of cyber criminals is known for sending false emails detailing a change of bank details or requesting a change to Revolut (which would ensure that the funds are transferred with immediate effect). There have also been a number of fake charity accounts set up purporting to benefit the current Covid-19 crisis. These criminals are preying on companies who may not have been prepared to work remotely and have had to set up a temporary system quickly and without training and protection in place and targeting staff members who are now outside of their comfort zone and possibly distracted with their surroundings. Utilising personal laptops and phones etc. may also be a point of weakness as these will not be as secure as those in the workplace.

Many are already feeling the strain of this current atmosphere of anxiety and so it seems We are all protecting our staff health during this time, but how can we protect the digital health of our business at what is already an intense time?

  • Consider setting staff up with work laptops and phones where necessary. This will ensure that the devices are as protected for home use as they are within the office environment. Having equipment to hand that requires multi-step authentication will provide extra security.
  • Where possible, if a work laptop is not issued, staff should try to ensure that the computer is used only for their work during this time if they deal with sensitive information.
  • Online security training may be a good way for staff to utilize this possibly quieter time to upskill.
  • Remember and remind your staff of the basics of verifying the origin of an email or phonecall before dealing with any bank details. Often, false emails can be incredibly convincing until you hover over the email address and notice that it isn’t correct.
  • Ensure that all staff are aware of these targeted campaigns and are extra vigilant when dealing with any bank details or personal details.

We hope that this information will be of benefit to you and your company and that you and your staff are staying healthy and well in these difficult times. We are as always available should you require any advice or guidance on any business of financial matters.

Cyber Security – Protecting Against Invisible Threats

As a business owner, your primary concern will be for the continued safety and prosperity of your business. Despite the fact that we live in an increasingly digital age of constant connection, one area of security that often falls flat for businesses is that of Cyber Security. We often rest on our laurels and forget just how connected we all are on a daily basis and how easy a data breech can occur, and snowball into a critical issue. In recent months, the new GDPR (General Data Protection Regulation) guidelines have somewhat brought the issue of online and data security to the forefront of business issues. Today we have decided to talk about the issue of cyber security and how you can best ensure the continued safety of your business.

While it may appear impossible to fight against such an enormous beast as the World Wide Web, there are in fact a great many measures that can be taken to ensure the security of your data. In recent months it has become increasingly regular that business payments may be made into incorrect bank accounts due to fraud as email is one area that is often the most easily compromised. As a result, it is imperative to ensure that all employees are aware of the dangers associated with unsolicited or incorrect emails. This is particularly vital in the case of SMEs, for which a breach could be fatal. We would advise ensuring that all employees are trained and aware of the dangers. We have compiled a few tips to assist you in this endeavour.

  • Create company-wide awareness of the data which most needs protection and how/where this data is stored.
  • Ensure that your company has a strong password policy in place and that each worker abides by the password requirements. Changing passwords regularly is also advised.
  • Have a plan in place should a breach occur.
  • Encrypt important confidential information to protect it from unauthorised access.
  • In some cases a privacy screen for monitors may be helpful.
  • Always check the email address from which a suspect email has come from. Often the email itself will seem like a genuine invoice, but the email address may give it away as fraudulent.
  • Use extra caution when dealing with any emails requesting payment.
  • Verify payments and payment details directly with the person who has requested them, it is better to do this outside of the email system.
  • Never open any suspicious emails containing attachments or links.
  • Use a reliable security software solution.
  • Never leave your wireless systems unprotected.
  • Ensure that only the necessary employees have administrative access.
  • Should your business bank details be compromised in any way, notify the bank immediately and also ensure that other companies you have dealt with are notified of the breach in case their own details may have also been compromised.
  • Stay ahead: The internet is an ever changing world, it is vital to stay aware of updated risks. It should never be assumed that a threat has passed and the business is entirely safe.

We hope that this will be of assistance in ensuring the continued cyber safety of your business.Should you have any queries or require further information on this or any other business or financial matter please don’t hesitate to contact us here at EcovisDCA’s new head office, where as always we will be delighted to help.

– – – – –

DCA PARTNERSDECLAN DOLAN & EAMONN GARVEY

DOES YOUR COMPUTER NEED A FLU JAB?

Technology companies are fast becoming one of Ireland’s top business areas, with many worldwide tech companies choosing our little island on which to set up shop. It’s not surprising then that technology is everywhere, a huge part of our everyday lives from getting us to work to business meetings and finding that perfect recipe for dinner (not to mention firing up Netflix) when you get home. It is often not until we attempt an ‘unplugged’ day that we realise just how big a part it has to play. With that in mind, it would stand to reason that we should look after these new extensions of our business so that they don’t come down with “an awful dose” as the Irish Mammy would say, or become the target of an attack.

Recently Rob Sadowski, director of marketing at security company RSA has spoken out about the need for tech security in businesses, stating that it is now a major security challenge for companies having to detect and respond to technological threats. Many companies do not utilise the security systems at their disposal for their technology, with some not having any installed anti-virus software, or as Sadowski states “defences built for yesterday’s IT”. Many companies also fail to have the correct staff to deal with these threats. When we think about the information stored on these machines, it would be wise to ensure that our technology is as protected as possible.

In this technical age, our computers are always at risk of various threats, as evidenced by our overflowing SPAM and junk mail folders that seem never ending. If your company is one of the many that still has a primary focus on outdated IT security systems and antivirus software, Sadowski suggests moving into a mode of preparation. Ensuring that your data is as protected from any outside threat as possible will be far more beneficial to your company than running that daily antivirus software. One of the primary methods of achieving this is to ensure that your company has well-trained and knowledgeable IT specialists who can identify threats and possible attacks in order to limit issues.

A recent RSA survey found that less than 10% of companies felt that they could detect a threat quickly enough whilst 90% admitted to not having the facilities to investigate these threats before they became an issue. This survey also showed that it is not merely the bigger companies who find themselves targeted, but also smaller companies and companies storing various forms of data other than financial. It was also found that smaller companies can be attacked as a gateway to a larger partner.

This might all seem very ‘doom and gloom’, but with our technology advancing and becoming more of an integral part of everyday and business life, it is important to ensure that safeguards are in place.

If you have any queries or require our assistance in budgeting for your own IT security team, please don’t hesitate to contact us here at DCA Accountants where we will be happy to help.