EU Crackdown On Cyber Crime

Uploaded on 2019-09-16 in GOVERNMENT-Law Enforcement, FREE TO VIEW, BUSINESS-Services-Law

Cyber-risks facing businesses today are significant and only increasing. With many welcoming the European Union’s recent announcement that cyber criminals will face tough sanctions under a new regime agreed by member states. 

In April 2019, cyber security firm Malwarebytes reported that the number of cyber threats to businesses has increased 235 per cent over 2018-19. Insurance firm Hiscox recently reported that more than 60% of British businesses have been the victim of one or more cyber-attacks in 2019 already.

Good News
Under the measures, people and organisations could be given travel bans and have their assets frozen if they are found to be responsible for cyber-attacks or to have provided financial, technical or other assistance in connection with a cyber-attack. Significantly, sanctions may also be imposed on people or organisations associated with them.

Limited Protection
There is no doubt the EU’s recent announcement marks a step forward in the battle against cyber-crime. The measures provide potentially powerful sanctions against cyber-criminals. However, it is important not to overplay the impact of these measures. Whilst the new EU sanctions will provide some potentially helpful tools for fighting security at an international level, their benefit is unlikely to be felt equally by all organisations.

The new EU measures only apply to cyber-attacks which have a ‘significant effect’. Guidance is yet to be released on the types of attacks that will fall into this category. However, it is possible that an isolated attack against an SME may not be included.

It is more likely that the new regime of measures is aimed at countering attacks on organisations and infrastructure on a national and international scale. 

One cannot help thinking of the worldwide WannaCry ransomware attack which took a particularly heavy blow to NHS hospitals in England and Wales back in May 2017. Further, in March 2019, the ten Healthcare Minister Jeremy Hunt warned of the growing vulnerability of democratic elections to interference. It is against these sorts of public targets that these sanctions are likely to be focused.

Even then, there are inherent difficulties associated with law enforcement of cybercrime. Locating and identifying perpetrators, with hackers regularly employing secure software to remain anonymous by hiding their location and routing their communications through multiple countries in order to evade direct detection.

Easy Target
Whilst the introduction of international sanctions against those involved in cyber-crime is a positive step, their direct impact on most businesses is likely to be limited. It is therefore important that businesses do not first look to government and international organisations for cyber-protection but rather develop robust cyber security strategies of their own.The number of cyber-attacks against businesses is increasing at an alarming rate. But what maybe more surprising for SMEs is that size offers no protection to cyber-attacks. Whilst we may be more familiar with stories of large attacks against well-known organisations, it is often SMEs that are most vulnerable to a breach.

Size does not make data any less valuable to criminals.

Sensitive information such as customer bank details or staff log-ins are desirable to criminals whether you are an small or medium sized enterprise (SME) SME or a public company (PLC). In light of robust regulation such as GDPR, their legal obligations in relation to the protection of that data may be the same. In fact, SMEs can be particularly attractive to hackers precisely because of their size.

Smaller businesses often do not have in place the mechanisms necessary to resist an attack. Therefore, attackers see them as easy targets.

In April, the government published the results of its latest annual cyber security survey. Whilst the survey encouragingly reported an increase in the proportion of SMEs who see cyber security as high priority (74%), there is still cause for concern. 
Smaller businesses are less likely to seek information, advice or guidance about cyber security compared to larger businesses.

Only a quarter of small business have cyber security policies in place and even less have received any cyber security training.

Urgent Action
Organisations of all sizes need to implement measures to effectively manage growing cyber-security risks. These are likely to include ongoing assessment of current security capability and implementation of appropriate upgrades, training to minimise human error and the taking out cyber-liability insurance to cover the costs of when things go wrong.

Cyber security is now a key business risk and it is not going to go away. This is reflected in the EU’s recent measures. The sooner SMEs are alive to these risks, the better.

SME Web:

You Might Also Read:

Hackers Don't Only Target Big Business:

UK Cyber Crime Is Increasing In 2019:

 

 

« US Power Grid Attack – No Harm Done. This Time
Smart Cities Call For Mobile Solutions »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Hotlava Systems

Hotlava Systems

HotLava network adapters enable today's powerful servers and workstations to deliver more productivity by reducing congestion at the network interface.

Intrinsic-ID

Intrinsic-ID

Intrinsic-ID's authentication technology creates unique IDs and keys to authenticate chips, data, devices and systems.

Conix

Conix

Conix offerings include Governance and Risk Management, Auditing and Penetration Testing, Digital Forensics, Managed Security Operations Centre (SOC).

Mitchell Sandham

Mitchell Sandham

Mitchell Sandham is an, independent insurance and financial services brokerage. Business products include Cyber/Privacy Liability insurance.

NITA Uganda (NITA-U)

NITA Uganda (NITA-U)

NITA-U has put in place the Information security framework to provide Uganda with the necessary process, policies, standards and guideline to help in Information Assurance.

FileWave

FileWave

FileWave offers a single solution for managing apps, devices, and more for Mac, Windows, and mobile devices.

Fortanix

Fortanix

Fortanix Runtime Encryption keeps keys, data, and applications completely protected from external and internal threats.

Cloudentity

Cloudentity

Cloudentity combines Identity for all things with API and Application security in a unique deployment model, combining cloud-transformation and legacy systems.

Conference on Applied Machine Learning in Information Security (CAMLIS)

Conference on Applied Machine Learning in Information Security (CAMLIS)

CAMLIS is a venue for discussing applied research on machine learning, deep learning and data science in information security.

BCN Group

BCN Group

BCN Group is an agile IT solutions provider. We are experts in delivering and managing business-critical technology solutions.

Apono

Apono

Apono enables DevOps and security teams to manage access to sensitive cloud assets and data repositories in a frictionless and compliant way.

CyberHub

CyberHub

CyberHub is an educational platform that offers professional courses and knowledge sharing through articles and videos to help students discover their potential in cybersecurity.

One82

One82

Serving emerging small and medium-sized businesses in California and neighboring regions for over 20 years, One82 has established itself as the most dependable provider of IT support services.

Sendmarc

Sendmarc

Sendmarc automates the process of protecting your domain from being used in email impersonation and phishing attacks.

Port-IT

Port-IT

Port-IT is a leading partner in cybersecurity solutions tailored for the maritime industry.

Amplix

Amplix

In the race to create value for your enterprise, Amplix is your best asset for making technology decisions and optimizing your IT infrastructure, cloud usage, and security posture.