How do geopolitical cyber-attacks affect the average UK SME?

It is not unusual these days to hear about a corporate or public entity being subject to a cyberattack or losing large quantities of data. The attacks garnering most attention are, characteristically, not perpetrated by a bored teenager (a so-called ‘’script kiddie’’) but are instead state-sponsored and geopolitical in nature.

One of the more recent attacks includes the Australian government cyberattack in February 2019, linked to Iranian cyber espionage group ‘Iridium’ – a group also believed to be responsible for a similar attack against the UK government in 2017. Other geopolitical cyberattack examples include the WannaCry ransomware in 2017, the supposed Russian interference in the US 2016 presidential election, North Korea’s attacks against SWIFT and Bitcoin, and the numerous Russian assaults on Ukrainian infrastructure.

The effects of these geopolitical cyberattacks are often under-estimated always seem to be misunderstood, as people often forget about the incident after a couple of days of bad press. The long-term ramifications of such an event are often not truly comprehended by smaller businesses in the UK.

The 2019 Cyber Security Breaches Survey shows 31% of micro and small businesses have encountered breaches or attacks in the last 12 months. Despite the statistics, most SMEs feel they are not at risk of being a target – there is a general air of unrealistic optimism that being a small company is a form of protection. After all, they think, why would China want to know how many rats were caught by a small Kent-based pest control business?

At the ITC Annual Security Conference, Paddy McGuinness, former UK Deputy National Security Adviser for Intelligence, Security and Resilience, highlighted that China’s attacks characteristically target big data sets and bounce off others by hacking through a service provider.

Hypothetically speaking, if the UK government used Amazon Web Service (AWS) to store its data, China could target large data sets in AWS to seize this. As a small pest control business in the UK, using AWS cloud to store all personal data relating to your clients, your company’s data could be compromised in the attack.

Would you have a plan in place for this scenario?

It is important to understand that although you may not be the direct target of a nation-state hack, it is possible to be affected indirectly – having a plan in place will help mitigate the consequences of the breach.

Primarily, you need to understand your own cyber vulnerabilities: does your company adhere to the most basic cybersecurity principles? In their Cyber Essentials programme, The National Cyber Security Centre (NCSC) has useful guidelines for making sure you are safe – the information is written plainly and is accessible for most.

Undertaking third-party risk management is also important. Ask yourself and your team – how well do you know the provider of your cloud-based security solution? Do you know where in the world your data is stored? What security protocols does the company have in place? What is their reputation like? Do my third parties use other third parties? If a data breach occurs, how do I communicate externally and internally?

According to the 2019 Cyber Security Breaches Survey, the number of businesses reporting cyberattacks decreased from 43% the previous year to 32% this year. However, it appears that businesses and charities that have been targeted now appear to be experiencing more attacks than in prior years.

Such a high percentage of attacks suggests it is not a case of if you will suffer a data breach, but when. Most importantly, do not underestimate the effects of a cyberattack on your company and employees, and never undervalue the importance of a thorough and up-to-date company plan in minimising the effect of a macro-scale cyberattack. Be prepared – you never know if you will be the next target.

At TenIntelligence, we provide a range of services and jargon-free advice to organisations who require assistance to protect their company. If you would like to have a conversation about your security position, or need help in reaching an applied standard, contact us via info@tenintel.com.