Government launches Cyber Essentials Scheme

UK government has launched a new cyber security equivalent of the MOT certificate – The Cyber Essentials Scheme – to combat cybercrime. 

As technology continually advances cybercrime is becoming more difficult to both deal with, and avoid. Because of this, the UK government has launched a new cyber security equivalent of the MOT certificate – The Cyber Essentials Scheme (CE).

The new initiative has been developed on three core pillars: defend, deter, and develop.

The Cyber Essentials Scheme aims to regulate businesses and the processes they apply to stopping internal cybercrime and data breaches. The government has also set aside £1.9billion for further investment into ending cybercrime.

Stockport based Midshire’s IT Manager Phillip Sundet explains what has motivated the Government to create the Cyber Essentials Scheme:  

“Data breaches, malware, and ransomware are prevalent in business today, costing companies thousands in lost data, regulatory fines, and lost reputation.

“More and more businesses are holding personal information digitally that can be used by criminals, ensuring safeguards are in place on your network and devices is paramount for data protection.”

“With the recent high-profile cybercrimes committed against the NHS, TalkTalk, Microsoft, Sony, and Marks & Spencer, it is easy to see why the government has intervened. Attackers can gain access to confidential data belonging to millions of people with relative ease.”

Did you know you can view a live map of cyberattacks as they occur on the Norse website? 

Cyber Essentials Scheme – Midshire offer advice on staying safe

What are the potential costs if companies get it wrong?
Businesses are at risk of being fined if found to be in breach of data protection laws, particularly in the UK where these laws are extremely strict. For example, the Stockport Primary Care Trust, was fined £100,000 by the Information Commissioner’s Office back in 2013 for the careless and incorrect disposal of confidential data.

Printers and photocopiers are also under attack, with 64% of IT Managers reporting a likely malware infection, and 60% having a printer data breach.

Midshire has compiled the most common software used in cybercrime below, including some useful tips on how best to evade such software.

What is Ransomware?

There have been high profile cases involving ransomware. Ransomware encrypts your files and demands a financial ‘ransom’ to get them unencrypted.

Q: How can I avoid Ransomware? 

A defensive software is not guaranteed to prevent ransomware. The first and most important line of defence is with you, the end user. Ensure that you avoid suspicious links and websites.

What is a Cyber-Attack

Cyber-attacks are usually employed by individuals or organisations, and targets computer information systems, infrastructures, computer networks, or personal computer devices. Cyber-attacks usually originate from an anonymous source that either steals, alters, or destroys a specified target by hacking into the susceptible system.

How can I prevent a Cyber Attack? 

Using a strong password with letters, numbers, and capital letters strategically placed throughout is a good way of avoiding a cyberattack.

What is Social Engineering?

Social engineering refers to the manipulation of people by ‘engineering’ them to perform actions online or divulging confidential information.

How can I avoid Social Engineering? 

Social engineering normally comes in the form of emails disguised as your bank asking for account information. You should never give your account information over an email or an insecure website. If in doubt contact your bank directly, being sure to avoid contact details on the email you are questioning!

What is Malware? 

Malware is short for malicious software, and refers to any software that is used to disrupt computer operations, gather sensitive information, gain access to private computer systems, or display unwanted advertising.

How can I avoid Malware? 

You should not open any suspicious emails or email attachments, and protect your accounts with secure passwords. There are generally two broad strategies used by criminals to try and break through a computer’s defences:

1. They try to install malware on your computers via breaking into accounts guarded by simple passwords.
2. They try to trick you into installing their malware from emails or websites.

What can I do to ensure I stay protected online? 

Use secure passwords – ensuring that you have a secure and complicated password,
and ensuring that you frequently change your passwords greatly reduces the risk of being the unfortunate victim of cybercrime.

Think before clicking links or opening mail attachments – Stop and think!

Before opening a suspicious email, instant message, text message, or messages on social networks like Facebook, LinkedIn, and Twitter stop and think. Is it safe? If your company has an IT department double check with them, especially if you have clicked something you don’t think you should have.

Never plug in a USB/Flash-drive from an unknown source

USB sticks and flashdrives are a common means of virus infection, however if you do not connect the device to your computer it has no way of transmitting a virus. This also applies to a USB stick that you have connected to your home computers if you believe your personal devices may have a virus, as it is possible to spread the virus to your workplace this way.

If you suspect that your machine has been infected with a virus or malware, simply disconnect your device from the network either by turning off the Wifi and/or unplugging the network cable and seek IT support.