The United Kingdom National Cyber Security Center (NCSC) is today launching two new services for the nation’s 5.5 million small businesses, one-third of which were targeted by cybercriminals in 2022, but often lack the know-how and resources to effectively respond to the threat and protect their livelihoods.
The Cyber Action Plan and Check Your Cyber Security tools are part of the latest phase of the NCSC’s long-running program. cyberconscious campaign and aims to raise awareness of cybersecurity issues among small businesses, micro businesses and organizations, as well as sole traders.
“Small businesses are the backbone of the UK, but we know cybercriminals continue to see them as targets,” said Lindy Cameron, CEO of NCSC.
“That’s why the NCSC created the Cyber Action Plan and Check Your Cyber Security to help strengthen their online defenses in minutes. I strongly encourage all small businesses to use these tools today to keep cybercriminals out and get their operations back on track. »
Cyber Action Plan is a quiz that walks users through a series of questions related to cybersecurity basics such as credential hygiene, backups, and patches. It can be completed in five minutes, and upon completion, users will receive personalized advice based on their answers on how they could improve their security posture.
Check your cybersecurity – also accessible through the action plan – offers free, instant online tests to check the security of the user’s IP address, website and web browser, with tests for email services that will be added in the near future. It requires no software download on the user’s system and is designed to be used by all small organizations to identify and resolve security issues quickly and efficiently.
Given the publicity and impact of high-profile cyberattacks such as those on royal mail Or WH Smithmany small business owners could be forgiven for thinking they are unlikely to be targeted by cybercriminals.
However, that couldn’t be further from the truth, and for those unlucky enough to fall victim – without the support of a CISO, security team, or forensic investigator – the experience can be traumatic.
Keri Ackling, co-owner of a small business with husband Tom, worked hard for six years to grow snow windows, a small business that creates custom festive designs, decals and stencils for people to decorate their windows at Christmas. In 2021, she fell victim to a phishing email that appeared to come from Instagram, where she runs a popular account showcasing his work.
“He said that now I was close to 10,000 subscribers, my account was eligible for all of these other features, such as going live and checking the blue tick. Since the information was accurate – our account didn’t only had a few hundred subscribers to less than 10,000 – I clicked on the link and entered my email and password to verify the account, soon after I realized that all the posts had been deleted from the Instagram account,” Ackling said.
“It was completely nauseating. You work so long and hard building social media pages and growing your following and it all just disappeared. A lot of my business was from Instagram at this point so the prospect of everything it was devastating.
Later, Ackling noticed that the attacker had posted an Instagram story on his account demanding a Bitcoin ransom to restore his access. “There was never any question of paying him. Besides not wanting to give in to it, we didn’t know how to get our hands on Bitcoin,” she said. “We refused to pay the ransom and ignored the message, instead we spoke to Instagram and explained the issue. But suddenly and without warning, the account was completely closed.
Snow Windows derives huge volumes of business from her social media accounts, and Ackling and her husband feared they would never regain access. They even launched a campaign to get it back and were featured on BBC and DJ Chris Moyles. Radio-X show – Moyles was previously a client.
Meta eventually reinstated the account and reset Ackling’s connection, however, she then began noticing issues with her linked Facebook account, where the company has over 200,000 followers.
For the past 18 months, Ackling has been unable to post ads on its Facebook business page, and Meta appears to have been unable to fix it.
“In 2019, the Snow Windows Facebook page had 273 million organic interactions from October to December. So over three years later, we can’t imagine how much growth and business we’ve missed out on. of this problem,” she said.
Aiden Ryan, meanwhile, launched his business Manchester Bread as a locked bakery project in May 2020. It now supplies pastries to cafes in Manchester, as well as the Trafford Center branch of Selfridges. Ryan suffered a cyberattack on his personal Twitter account after his credentials were leaked on a dark website.
After being burned in this way, when setting up Loaf, Ryan prioritized the implementation two-factor authentication on all his social media accounts and created a brand new email address.
“It’s one thing when it happens to your personal accounts where you talk to friends and family, and it’s another when it’s a business account with 14,000 follows and two to three years of work behind it. “, did he declare.
“I think since I started using two-step verification, I felt more confident. I’m not afraid of this happening to me, but I know you can always do more.
“The bread was built thanks to the community. It was an underdog story – people want to see good things happen. That’s why I’m also passionate about it – I want to help others in the business world recognize that it matters. Businesses are built on community and thrive on community.