Fertile phishing ground for hackers during pandemic

As hundreds of thousands of businesses closed their doors in lockdown, hackers were virtually kicking them wide open in sustained attacks on companies across the world.

The coronavirus pandemic proved to be fertile territory for cyber attackers, with around half of all global businesses reporting security breaches. 

But Professor Prashant Pillai, a leading expert on cyber security, says its not just big corporate which has been hit hard, with thousands of SMEs across the UK also targeted. And he says that’s why projects such as the new £9m Cyber Quarter – Midlands Centre for Cyber Security, being built at Skylon Park, Hereford Enterprise Zone, are so important.

The centre is a joint venture between the University of Wolverhampton and Herefordshire Council and part-funded by the Marches Local Enterprise Partnership (LEP) and the European Regional Development Fund (ERDF).

Prof Pillai, Professor of Cyber Security and Director of the Wolverhampton Cyber Research Institute, is one of the team developing the support which will be on offer to help businesses build resilience against cyber attack, based at the centre when it opens later this year.

There’s no doubt that the increase in cyber attacks on businesses has been an epidemic all of its own as hackers have taken advantage of the COVID-19 situation to target businesses.

This has been through phishing schemes, as they pretend to be banks or lenders helping cash-strapped businesses, or increasingly sophisticated scams via online means to business owners working from home without the embedded security of their office IT systems.”

Prof Pillai spoke out after the UK Government confirmed it has evidence that advanced persistent threat (APT) groups are exploiting the COVID-19 pandemic.

During a Downing Street update on the coronavirus briefing in May, Foreign Secretary Dominic Raab said: “We know that cyber-criminals and other malicious groups are targeting individuals, businesses and other organisations by deploying COVID-19-related scams and phishing emails. 

That includes groups in the cybersecurity world known as APT groups; sophisticated networks of hackers who try to breach computer systems.”

During the pandemic, around 41 per cent of businesses had been threatened by at least one cyber security scare since shifting to a remote working model with 41 per cent also expecting to see a data breach due to remote working.

Nearly half of all UK businesses had also reported an increase in email phishing. 

Prof Pillai added that the danger firms were facing from cyber attacks was also compounded by some businesses, already facing financial difficulties during to loss of revenue, also cutting back cyber security budgets. 

Businesses are finding it tough currently, they are looking to recover during what will be a recession. But they need to also think about the cost of what could effectively be a second disaster to hit their business. 

Research by MORI last year revealed that the average cost to a medium sized firm due to cyber breaches was around £10,000. It is really important that businesses put a focus on protecting their systems, their data and their processes because hackers aren’t going to go away. We just need to be better at protecting ourselves from their attacks.”

The new Cyber Quarter – Midlands Centre for Cyber Security will provide a single hub for cyber security needs for small or large businesses. It will provide cyber consultancy, security testing, research & development and Continuous Professional Development (CPD) training services all under one roof.

We will be able to help businesses with security assessments of their services/processes, help to be compliant in industry standards like ISO or GDPR and we can test companies’ products or systems for vulnerabilities.

The centre also will provide a bespoke CPD training portfolio for upskilling and reskilling in the cyber domain that can be catered around the needs of the organisations,” added Prof Pillai.

Online workshops and courses are already being held in advance of the centre opening. These are listed on the calendar on the Marches Growth Hub calendar at www.marchesgrowthhub.co.uk