SMEs at increasing risk of cybercrime

Cybercrime is on the increase, with companies of all sizes, and particularly SME’s, at risk of cyberattack.

On 28thJanuary 2022, KP Snacks was a victim of ransomware, prompting the company to issue a warning to its retail customers that there would be a shortage of its most popular crisps and nuts, and advising that disruption would occur ‘until the end of March at the earliest’. The attack serves as a timely warning that cybercrime is a very real threat that all businesses should take seriously - and take steps to protect against.
 
Ransomware is a type of malicious software that infects a computer and restricts users’ access to a computer system until a sum of money, ‘a ransom’, is paid. It works by encrypting a user or organisation’s critical data so that they cannot access files, databases, or applications. The malware can be spread through phishing emails, email attachments and computer worms, with users informed of a ransomware attack by an on-screen alert.
 
While ransomware has been around for decades, the National Cyber Security Centre’s (NCSC) 2021 annual review found there were three times as many ransomware attacks in the first quarter of 2021 than in the whole of 2019. In the first four months of 2021, the NCSC handled the same number of ransomware incidents as for the whole of 2020.
 
It’s a worrying trend, and it’s on the increase, with ransomware suspected of costing the global economy billions. Computer Weekly reported that individuals and organisations in the UK suffered losses of £1.3b in the first half of 2021 due to a cyberattack.
 
GOV.UK’s sixth annual survey reveals that the most common cyber threat is phishing, followed by impersonation and that four in ten UK businesses and a quarter of charities have had security breaches or attacks in the last 12 months. The report also reveals that only 43% of businesses and 29% of charities have taken out cyber insurance - with smaller businesses displaying a lack of understanding of the problem.  
 
The need for cyber insurance

Cyberattacks can compromise your data, security, reputation and ability to trade, and those businesses without cyber insurance may well be left in a difficult position. In addition, the Information Commissioner’s Office requires notification of a breach involving personal data within 72 hours and states that companies should have ‘robust breach detection, investigation and internal reporting procedures in place’. In other words, a cyberattack can prove to be debilitating, requiring specialist assistance.
 
In such cases, cyber insurance can offer a real lifeline, providing expert advice and support when needed and offering protection against a wide range of risks, including loss or damage to digital assets, security breaches, reputational damage, business interruption, theft and money etc. Covers can vary on each policy.
 
To find out more about cyber insurance and how it can help you, please visit here, and if you’d like to talk to NLIG about arranging a policy tailored to your individual requirements, call us on 01992 703 300 or email: insurance@nlig.co.uk

Sources
The Telegraph: Nuts and crisp supplies at risk after cyber attack hits KP Snacks
Gov Tech: Data Breach Numbers, Costs and Impacts All Rise in 2021
Computer Weekly: UK loses £1.3bn to fraud and cyber crime so far this year
Col Police Maps: FIB Fraud and Cyber Crime Dashboard - 13 months of data
Gov.uk: Cyber Security Breaches Survey 2021