What are Cyber Risks?
Cyber risk is the potential for information or financial losses arising out
of the use of e-commerce. Let us illustrate with a few examples below:
- Privacy Breach - News of the World is a great example of how a hack can occur and the devastating effects.
- Hacking Attack - Sony was forced to shut down its PlayStation network following hacking attacks which lead to 77 million user’s data being stolen.
- Virus Attack - The Pathogen virus caused an individual victim £500,000 loss.
- Computer Fraud - this is deemed so serious that the government invested £2,000,000 in setting up the dedicated action fraud team for internet fraud.
- Insider Attack - An employee planted a logic bomb which took down 2,000 UBS servers which lost the company $3,100,000 due to their inability to trade.
Who are the typical victims of an attack?
- Any company operating online, utilising online services or holding personal and sensitive data
- Health agencies
- Defence and Security agencies
- Private home owners
- Anyone with access to the web
Who are the Attackers?
- International criminals who have either an objective to steal data for crime, or to create havoc to their victims.
- Employees (both past and present) or consultants of a company who may be at risk of losing their job, or wish to profit from the sale of the companies data.
- Bored teenagers looking for their next buzz or to make a name for themselves.
- Competitors looking to steal a company’s confidential data or prevent them from trading.
What type of data can be stolen and for what use?
- Bank Details
- Client Lists
- Security information
- Personal information
- Recent transactions
- Confidential material
This information can be very valuable to the criminal party for use in:
Or sometimes it is just malicious with no intent.
- Company secrets
- Terrorist attacks
- Inside Stock market trading
- Idea Theft
- Email Hacking
- Client details
Potential losses to a company
- Inability to trade will lead to a loss of revenue.
- Fines/or prosecution if the personal data has not been kept under adequate protection.
- Future revenue loss due to the theft of an idea, business plan or a block buster technology or drug which is still in the R&D phase with no patent submitted.
- Cost of notifying individuals that may have been affected following loss of their data.
- This can be expensive and different territories have different requirements and time scales. In the US each state is also different to one another which can add significantly to these costs.
- Media and PR costs would also need to be met to protect the company’s reputation and ensure that their clients are fully up to speed with the companies handling of the incident.
If you would like to discuss this, please contact a member of our Science & Technology team who would be happy to assist..