Amateur cyber-criminals are using off-the-shelf hacking tools purchased from the dark web to target small businesses, driving a significant rise in the amount of data lost to this hidden part of the World Wide Web.
According to intelligence company, Terbium Labs, who carried out the recent analysis, small and medium-sized enterprises (SMEs) are 20 times more likely to have their data stolen and distributed on dark web forums and websites that aren’t ranked by the major search engines.
Earlier this year, the National Crime Agency closed down a prolific dark web site that was renting out rudimentary cyber-hacking tools to amateur hackers for just £10.
Danny Rogers, Chief Executive of Terbium Labs, admitted “hackers aren’t fussy” and suggested common attacks were being made on “schools, local restaurants, retail shops/chains and smaller medical/dental practices”.
Danny believes these organisations are being targeted as they are the “sorts of businesses [that] have a lot of payment card information or personal data that hackers can quickly monetise”.
Small businesses are increasingly reliant on or base their entire business on digital technology. In a modern and demanding world, doing so represents one of the few ways in which businesses keep ahead of the competition both locally and on the global scale.
Technology has enabled lightning-fast connectivity, near instant transactions and generated entirely new industries as a result. In the decades ahead, this will only increase with rapid developments in machine learning, the internet of things and blockchain all set to make huge impacts across wide-ranging sectors.
However, technological developments are a double-edged sword. An increasing reliance on technology brings with it a variety of risks from malfunction, accidental loss, activism, insider threats, cyber-crime and even advanced persistent threats from governments or state-sponsored groups.
This is coupled with an expanding set of requirements and regulations such as General Data Protection Regulation (GDPR), an increase in public awareness of personal data privacy and considerable reputation loss where breaches occur. In some instances, businesses do not have a clear and actionable plan in place to react to such issues.
The importance of seeking expert advice on your firm’s cyber security
Richard Washington, Senior Digital Technology Manager, TaxAssist Accountants, admits that while it isn’t possible to “remove 100% of risks” online, a proactive approach to your business’ safety online is highly recommended.
“The best current solution is to seek professional expert advice and act on it,” said Richard.
“The cyber security industry is rapidly growing and will be able to help you and your business take advantage of the latest technology while mitigating the risks.
“They can also help you create a business continuity plan so that, if the worst does happen, you will be as prepared as possible.
“Using professional services can help you quickly get ahead of the cyber security curve, allowing you to concentrate on running and growing your business.”
With the UK’s tax system set for digitisation in the coming years with Making Tax Digital, sole traders and small businesses will be increasingly reliant on the internet to periodically maintain their business accounts with HM Revenue & Customs (HMRC).
It’s more important than ever that you take a proactive approach to your cyber security and get professional support from security providers. The professionals can help you understand the threat landscape and plan ahead to reduce your exposure and increase the chance of business recovery following a breach.