Cyber attack defence 

It is difficult not to notice the recent rise in cyber attacks. Some very big corporate names have recently fallen victim to devastating cyber attacks.  

Currently Marks and Spencer are still struggling to deal with a major cyber attack as reported by the BBC https://www.bbc.co.uk/news/articles/cz79547nywno  

Even their supply chain is affected to the extent that some are resorting to pen and paper just to keep the business running https://www.bbc.co.uk/news/articles/cvgnyplvdv8o 

Other big brands currently under attack are the Co-op and Harrods as reported by Reuters https://www.reuters.com/business/retail-consumer/britains-ms-enters-second-week-sales-disruption-after-cyberattack-2025-05-02/ 

Nobody is safe 

Cyber attacks can and do target anyone. Many small business owners are of the opinion that they are too small for Cyber attackers to bother with. This is a false and dangerous assumption. Sophisticated Cyber attackers obviously prefer a big juicy company, but Cyber attackers come in all shapes and sizes, including those that will attack any organisation no matter how big or small, aiming for the easy targets including small businesses. 

Why do they do it 

Cyber attackers either seek to extort money out of businesses, or to steal business information. Attacks can range from encrypting your data and demanding a ransom to de-crypt it, to stealing data either for a ransom or to analyse the data looking for sensitive corporate data.  

Sensitive corporate data can include proprietary information vital to your business that can be sold to competitors, or your list of clients which can be analysed to find more lucrative targets. A GDPR nightmare! 

How to defend yourself 

Whilst it is true that all businesses are targets, in general attackers will look for the easy targets. Businesses with lax Cyber security protocols are prime targets. This includes: 

• Businesses without robust cyber defences 

• Businesses that do not rigorously control access to their data 

• Businesses running out of date or unpatched software or hardware 

It is vital to have robust Cyber defences in place such as anti-virus, anti-spam, and anti-intrusion. This can help to prevent hacking attacks, both targeted and random. 

Data access must be rigorously controlled with strong passwords and secure data storage. This includes email which is one of the primary sources of attack, as people are always the easiest target to exploit. 

Software and hardware require constant updates and regular replacement. The days of purchasing a PC, installing some software and using it until it eventually fails are long gone. Due to the complexity of all software and hardware, these will always have security vulnerabilities, and the manufacturers have teams of engineers constantly analysing their systems looking for vulnerabilities and creating updates (patches) to mitigate these vulnerabilities. However, with the constantly evolving threats, eventually it becomes no longer cost effective to keep maintaining the security of software and hardware, so maintenance ends and these systems need to be replaced.  

In a business environment it is sensible to replace your hardware approximately every 5 years. All software should have regular security and/or version updates to keep it secure and when a version is no longer supported it should be replaced. 

What happens if you don’t defend yourself 

Your business is under constant attack. This may sound like a throw-away line but it is absolutely true.  

• There are very talented teams of hackers constantly analysing all software and hardware looking for vulnerabilities. 

• There are automated systems constantly scanning for vulnerabilities in your system that can be exploited.  

• There are hacking organisations that sell these services to criminal enterprises.  

Hacking and Cyber attacks are big business. There are vast sums of money to be made by gaining access to business data. 

Even if a business is too small to bother with, or can’t pay the ransom, the loss of vital company data can often result in businesses going out of business, and even lead to prosecutions of the company owners. 

Backups: recovering from a Cyber attack 

The last defence is your backups. If all else fails and your systems are completely compromised, backups can recover your business back to a working state. Multiple backups are vital to ensure that your business has a means of recovering from a Cyber attack. There must be a minimum of one off-site backup that cannot be accessed by a Cyber attacker, and stored using a method ensuring that the backups cannot be altered in any way. This is known as “immutable” backup storage. 

Conclusion 

Your business is under constant attack by criminals trying to take advantage of any weakness in your IT systems. 

It is vital that your business has robust Cyber defences in all aspects of your IT systems, including your members of staff, and that you have robust and immutable backups in place for all of your data. 

Contact Bean IT for an evaluation of your Cyber security defences, and IT systems, to ensure that your business is not the next victim.