Steven Wilson: Don’t let cyber criminals jeopardise your business

Share this article
0
Have your say

Even in the digital age, when your job involves tackling every imaginable sort of online, virtual and cyber crime, there is no substitute for actually meeting people in the flesh.

So, at Scotland’s eCrime summit in Edinburgh earlier this week, I was delighted to look out on an audience of more than 200 people from the world of business, finance, technology, academia, government and crime prevention.

All of us were gathered to drive forward what is the biggest co-ordinated campaign to unite Scottish Government, police, 
industry experts and academics in tackling the fast-changing and highly lucrative world of cyber crime.

We must drill home the message that online fraud is an 
ever- present threat which continues to cause a great deal of financial damage to businesses throughout Scotland – and it is small businesses that are left particularly vulnerable.

But it was equally important to stress that, with the right knowledge and intelligence, Scotland can position itself as a world leader in cyber security excellence, therefore allowing companies to conduct business online, safely and securely.

As with all types of organised crime, criminals are hungry to seize on any opportunity to make profits, and with increasing numbers of companies flocking to the web they know this is an area of business where they can make substantial 
profits.

Cyber crime ranges from those heavily broadcast in the media, including fraud and theft, and possibly moving into more sinister things like child abuse.

We know the internet is a growing landscape which is a natural breeding-ground for cyber criminals who are constantly evolving threats such as hacking and malware to DDOS – denial of service attack which prevents businesses from being able to operate their network.

Currently one of the most common threats is “vishing” which uses cunning voice calls to follow up online “phishing” techniques. The criminals conduct sophisticated and in-depth online research into target businesses. They then pull together highly-convincing scripts and make phone calls to victims while convincingly posing as officials from banks or finance companies.

After tricking victims into handing over passwords, the crooks then immediately use the information to make online cash transfers, bouncing the 
stolen money around various
accounts, occasionally on a 
global scale.

We have seen these attacks across the UK cost businesses anything from hundreds of thousands of pounds to millions of pounds – the amount can vary hugely.

The conference was designed to particularly target small and medium business enterprises across Scotland because large organisations have substantial budgets to invest in security.

Unfortunately this is an investment small businesses sometimes simply can’t afford to make, and we commonly find that some businesses are cutting back on putting security measures in place.

It is our aim to up-skill these businesses, make them aware of common threats and what they can actually do to counter these with just a little bit of investment.

What we don’t want is companies being forced to go out of business simply because they’ve been attacked on the internet.

The internet should be an opportunity for Scotland and not a threat to our enterprising businesses.

Tackling cyber crime is an ongoing process of education. Cyber criminals are extremely plausible, they are professionals at what they do and it is our responsibility to raise awareness on how to stop them in their tracks.

• Detective Supt Steven Wilson is head of eCrime, Specialist Crime Division, Police Service of Scotland. DS Wilson will have the res­ponsibility of co-ordinating the cyber-security expertise of the Police Service of Scotland resources and linking with 
universities and the business community.