Research shows that one in five UK firms were affected by a cyber-attack last year. Whilst on work experience Toluwa Alabi (Yr10 student) from The Bishop's Stortford High School explored the importance of cyber-security in light of the recent WannaCry ransomware attack.
Cyber-crime in the UK
Cyber-crime is defined as criminal activities that specifically target a computer or network for damage or infiltration and refers to the use of computers as tools to conduct criminal activity. Cyber-crime is a major concern for the UK government. 66 million people in the UK are left vulnerable due to the limited amount of action the government is taking on cyber-crime. The UK’s main defence for cyber-crime is the NCCU (national cyber-crime unit). Their job is to respond rapidly to cyber-attacks and help prevent attacks in happening in the first place. However, their main priorities are to find the perpetrators instead of helping the victim get their money back. Once you are held ransom there is little the national cyber-crime unit can do.
The number of cyber-attacks doubled last year with almost half of UK firms detecting a breach in 2016 with 46 percent compared to 23 percent the year before. This should be a national concern with the rapid developments taking place in cyber-attacks.
The government has stated that a “sizeable proportion” of businesses do not have the necessary protections in place to help prevent the attacks. From this we can interpret that multiple work computers are out of date and don’t have the necessary security and anti-virus software to protect themselves from cyber-attacks. This shows that companies are not considering seriously enough the dangers of cyber-attacks and the traumatising impact it can have on the business. This displays a significant amount of vulnerability from businesses which criminal exploit as the business has no defence systems and are unaware of the amount money and danger cyber-attacks can cause.
Examples of cyber-attacks
The most common cyber-attack is the fraudulent email (called Phishing). Phishing is a scam by which an e-mail user is duped into revealing personal or confidential information which the scammer can use illegally. This is because it is very well disguised as a promotion or just spam but however when you click on the link it can lock your computer and hold you to ransom. At that point, there is very little that you can do. The companies who have experienced this, claim the attacks on their business cost £1,550 pounds on average. Other cyber-attacks disguise themselves as well-known companies and brands to persuade you to purchase and transfer money to themselves. Microsoft, YouTube and retail banks are the most common examples.
This is very common as there are many similarities between the attackers and the brand's name which can easily be overlooked. The name of the email may be different however, they can have the same format and display the same information to the website you are used to. This is something that is very hard to control as people can’t and should not be concerned with every email they received however, they can easily lose focus on the vital information which separates real from the fake account. This highlights a vulnerability as a large percentage of British citizens won’t be able to detect a cyber-attack taking place.
Victims of cyber attacks
The latest cyber-attack shows the significant damage that could be done. A virus famously known as “wanna cry” is a computer malware which spread across 150 countries from all over the world. Wanna cry targets computers without the up to date windows protection. This affected huge companies from around the world which included Honda, Nissan and the NHS.
The Wanna cry cyber-attack shows just how vulnerable the UK is as it caused a crisis and made patients test results and uploaded x-rays to be put on hold. Patients private information could have easily been exposed. Luckily there were no fatal incidents associated with this cyber-attack, however had the delays continued hospital patients could have been seriously compromised or even incurred serious damage.
This puts a large percentage of the public in danger as currently hackers are now seen as the people in control. The NHS was informed that they were exposed and were advised to update their systems but decided not to. The NHS are not the only company to choose not to update their systems. This displays a lack of awareness if Microsoft explains the dangers of having the old systems and companies still decided not to purchase or change their system. This attack was described by Microsoft as a giant wake-up call and I hope the rest of the world see it that way.
To conclude, I believe that UK companies and the public are vulnerable to cyber-attacks. People overlook or ignore all warnings that tell us we shouldn’t click on these links and never consider spending money on anti-virus protection. Overall, I believe that all UK citizens or businesses should spend time and money on learning and identifying cyber-attacks and purchasing anti-virus software for protection.
Toluwa Alabi -TBSHS
23rd June 2017