How SMEs Can Identify and Protect Themselves Against Cyber-Attacks

This article first appeared in The Echo on 21/05/21  


As we have seen from the recent ransomware attack on the HSE, cyber-attacks have become increasingly common across industries, throughout the world. However, if you do a quick Google search, you will see this is not an isolated incident. It’s also not just global corporate giants that fall victim to these type of attacks. Studies have shown that almost half of cyber-attacks target small businesses and 91% of all cyber-attacks start with a fraudulent or phishing email.  

As businesses of all sizes continue to operate remotely or using a hybrid model, there is an increased chance of your business falling victim to a cyber-attack. These type of breaches can lead to data being stolen or encrypted, funds being misappropriated and disabled computers leaving employees unable to work. After seeing the disruptive long-term effects of cyber-attacks such as the one on the HSE, it is understandable that SMEs would have concerns about how to manage their digital security. From identification to prevention, here are some ways you can defend your organisation against a similar attack.  

Identifying the threat   

Early warning signs are crucial when it comes to cyber-attacks. Many of these attacks start with suspicious emails presenting in inboxes. Some emails may contain a link that when clicked allow for the hackers to gain access to the entire system. Once they have entry, hackers may look to contact clients, suppliers, or internal teams to seek confidential information. If employees or clients begin receiving requests for unauthorised payments or information they would not usually be involved with, this could indicate a hacker has gained access to the system.  

It is not just through emails where signs of a cyber-attack may be identified. Before, during or after a cyber-attack other issues may arise such as: 

  • User accounts locking frequently. This may indicate that hackers are trying to brute force a login to the system. Unusual activity on admin accounts such as logins at odd hours may also be an indicator that a company’s system has been infiltrated. 
  • Experiencing increasingly slow network or internet connectivity may indicate that data is being copied to an external location. If this is coupled with anti-virus warnings it would be a key indicator that your business is currently experiencing a cyber-attack.  

How to protect your systems 

While you might know how to identify potential signs of cyber-attacks it still leaves the question as to what steps you can take to protect your business. Prevention is the best form of defence when it comes to cyber-attacks.  

Firstly, make sure your staff know to never provide details for any unauthorised payments or password requests. If you are unsure, contact the sender directly to see if this email has come directly from them. If you begin noticing unusual logins, make note of the times. If you are suspicious of the ongoing activity within your system, contact your IT provider immediately for assistance.  

Key protective measures

  1. Educate all your employees e.g. holding phishing simulation training  
  2. Activate 2FA (Two-factor Authentication) on all important online accounts
  3. Carry out a cybersecurity review on your IT systems to identify any potential areas of concern where hackers may gain access 
  4. Invest in malware protection products and consider investing in behavioural based malware protection to protect against “Zero Day” attacks  
  5. Ensure you have a robust Backup and Disaster Recovery Plan in place and that it is regularly tested  
  6. Make sure your IT systems are locked down, patched and managed securely 
  7. Go through a Cyber Essentials Certification and get your business certified 

While it can be difficult to protect against these types of attacks, it is possible to educate your staff so they are aware of what to do and what not to do, and to ensure your systems are configured correctly and as protected as possible. By doing so, your business should mitigate the worst of the effects if your system is compromised.   

For more information on how to mitigate cybersecurity risk, get in touch with our Sales team or lo-call 0818 592 500.  

Kevin O’Regan is Director of our Cork Office

Learn more about current industry trends and news by following us on LinkedIn, or get in touch with us here

Call our sales team now on LoCall 0818 592500.

Alternatively, please send us a message via the form below and we’ll call you back.

Get in Touch

Certified Excellence

Radius maintain both ISO quality and Information Security certification. With GDPR regulations now in force, it’s critical that your IT partner handles your organisation’s sensitive data with the highest of standards.

ISO Quality and Information Security certification requires rigorous processes to be embedded at the heart of everything we do. Radius is proud to maintain this standard, awarded to only the very top tier of IT service providers.

Industry leading partnerships

Radius is a gold Microsoft partner for Datacenter and Cloud Solutions, a preferred HP and Cisco partner and a Retail Excellence Ireland gold partner. These partnerships give us unrivalled access to the best technology to support our clients’ IT and Telecoms needs.