It was recently revealed that Google had accidentally collected information that was being sent over unsecured networks while its StreetView cars were getting details about Wi-Fi locations around Germany.

Although the firm has said that it will now stop collecting any Wi-Fi data, the case has once again shown the vulnerability of these wireless networks, which are often used by businesses for their broadband connections.

Simon Pamplin, systems engineer pre-sales manager in the UK and Ireland for network solutions company Brocade, explained the considerations that need to be made when securing a connection.

He said: “There are a number of areas to concentrate on – you’ve got to make ease of access to the right people as seamless as possible. These days nobody has time for things like blocks on sites.

“You have to be able to control known threats and unknown threats to your environment and deal with them appropriately – deal with it in a controlled fashion.”

He added that measures also need to be in place in the case of an exploitation of a network, whether it is malicious or not.

Security software provider Sunbelt Software recently reported that malware distributors and spammers had used the election as a hook to try to dupe recipients.

Meanwhile, research published by the Office of Fair Trading has revealed that 73 per cent of adults received a scam email in the 12 months to February.

Rik Ferguson, senior security advisor at Trend Micro, said that checking a subject line is vital to avoiding spam while he also gave advice on protecting an email address.

“Obviously don’t overshare – don’t post your email address online anywhere ideally,” he said. “If you don’t need to share your email address, don’t share it.

“If you do have to write your email address down on a website somewhere, and I would stress that that is inadvisable, then try to write it out in letters rather than writing it exactly as your email address.”

He added that any suspicious email should immediately be deleted.

Spyware software provider Kaspersky Lab recently found that a vulnerability in versions six and seven of Internet Explorer was being exploited by cybercriminals throughout March, putting computer systems at risk.

Simon May, author of the Rough Guide to Windows 7, explained why it was important to keep all browsers updated.

“Whatever browser you have on your PC you need to keep it up to date. Internet Explorer, Firefox and Chrome all include mechanisms for doing this, as long as you allow it to happen.

“Switching browsers is not necessarily more secure, they all have their faults, so it’s important to keep anti-malware products up to date and to make sure your PC stays up-to-date with the latest patches.”

As part of a deal struck between Microsoft and European authorities recently, the company agreed to give Windows users the choice of alternative browsers in a pop-up window.

New research commissioned by the National Fraud Authority has revealed that a third of small firms have been hit by ID fraud, and that just three per cent of consumers feel confident that the companies they deal with handle their details securely.

Around 71 per cent of UK employees believe that their companies should do more to ensure that confidential documents are handled responsibly, despite the well-known risks of financial loss and reputation damage.

According to the research, only two-thirds of firms have put in place a clear policy on how to handle sensitive documents, while around a third of employees admit to throwing these documents straight into the bin.

National Identity Fraud Prevention Week partners, including the Metropolitan Police, the Federation for Small Business and CIFAS, have published a designed to give businesses advice on data protection and how to deal with a breach.

Microsoft staged a private corporate technology summit in London last week, when new intelligence was released showing the East European gangs were now switching their attentions to firms outside the blue chip arena.

The software giant plans to issue a key report in November that will show smaller businesses in the UK remain largely ill-equipped to detect and combat internet-based fraud.

Doug Cavit, the company’s chief global security strategist, said that up until now illegal online activity has largely targeted the now beleaguered financial services sector and that smaller companies are in the hackers’ sights. He said the report will highlight that online password theft has emerged as by far the prime target area, with such activity currently up one third compared with the end of last year.

Firms are advised to be wary of being careless with their passwords, especially when it involves third party/outsourced partners’ IT security.

“An organisation having to cope with many different groups in the course of its daily work can prove unwieldy. So make sure you define proper security protocols as you manage your company and your people. The trouble is that, more often than not, smaller firms’ IT systems are not sophisticated and so are relatively easy to hit,” he said.

Lesley Kipling, who heads up Microsoft’s 160-strong team of “cyber-crime cracking” engineers made the link between the danger to small firms from illegal gangs operating from the former Soviet Union.

She said it was likely that Russian business networks are behind a new wave of attacks launched on the net, and repeated the warning to firms to check that business critical IT systems operated by out-sourced partners are up to scratch.

The online survey of more than 2,000 UK internet users found that.each victim lost an average of £460.

This comes despite claims that users are security conscious, with 82% of respondents claiming to buy only from websites with enhanced security settings.

The survey showed that the most common victims of fraud are those aged between 45 and 54, with 14% of victims in this age group. Londoners are the least concerned about security when buying online.

Two out of five Londoners said they did not bother to check whether a website had enhanced security settings before making a purchase.

The findings show that more education is needed on how online consumers can protect themselves, said internet infrastructure services firm VeriSign, which commissioned the survey.

“Research reveals that there is not a relationship between the number of people who check a website’s security and those who have been scammed,” said Martin Mackay, VeriSign’s vice-president of EMEA.

As part of a campaign to raise awareness around online fraud, the firm has launched the VeriSign UK Fraud Index, a biannual barometer of online fraud.

Business broadband

Tony Neate, managing director of the Get Safe Online (GSO) organization, said it was essential to ensure any important data is backed up frequently, and stored in a place that is not part of the main network of computer files. He stressed that businesses and entrepreneurs in particular should have systems in place to support them.

He added that we are now more reliant on our broadband services than ever before and this means we must take greater care with the items we have running our daily personal or professional lives.

“It’s very important to make sure your back-ups are good and you have something in place where if … the internet fails, you have a number to ring to make sure you get it back up as fast as you possibly can,” he explained.

Mr Neate explained that products like cloud computing and Software-as-a-Service would become increasingly important to data protection.

In addition, the GSO spokesman said more consumers were looking to the web as a way to cut their spending – and this also means that keeping security tight is worth bearing in mind.

The survey of 269 small businesses found that less than a quarter (23%) prioritised IT security, indicating that the security required to protect corporate data continues to be underestimated.

More than three quarters (78%) were more worried about external threats than internal threats, and the biggest concerns were found to be virus attacks (88%), accidental data corruption (87%) and spam (77%).

Almost all companies surveyed use basic IT security measures such as anti-virus software, but relatively few manage portable memory device access to networks (45%), use network event logging software (55%) or web filtering (61%).

“There is a pervasive indifference towards monitoring the whereabouts of data and its ability to be accessed or copied,” said Scott.

A third of respondents said they could not track what portable devices have been connected to the network, 41% did not know what data is downloaded to these devices and 21% had no ability to track where business-critical data is stored.

“This lack of insight into the emerging internal threat has left these organisations woefully lacking in key areas of security,” the report said.

More than half (54 per cent) of businesses reported being a victim of crime in the last twelve months – 37 per cent having problems with phishing emails, 15 per cent falling victim to card not present fraud and another 15 per cent falling foul of IT problems caused by viruses and hackers.

Most fraud, where it has a financial impact, costs small businesses between £500 and £5,000, while the average cost across the sector is £768 a year.

The FSB’s report, “Inhibiting Enterprise: Fraud and online crime against small businesses”, found that one third of small firms do not report fraud or online crime to the police or their banks because of a lack of faith in the system.

More than 50 per cent (53 per cent) indicated they needed clearer information about how and where to report this type of crime, while 44 per cent wanted a named contact in their local police force specifically focused on fraud and online crime.

An 85 per cent majority of businesses in Scotland and England said they would report fraud if a designated reporting centre were set up to gather data and use it to fight the crime and follow through with prosecutions – following in the footsteps of Wales, which already has a reporting centre.
The FSB is calling for:

-  A central, well advertised and accessible method of reporting fraud and e-crime, which they can trust to understand the issue and to take proper follow up action;
- The Police Central E Crime Unit and the National Fraud Strategic Authority, which aim to launch the National Fraud Reporting Centre later this year, to work together closely to ensure that the centre is established soon and fulfils these criteria;
- A local police contact to specialise on fraud and e-crime with small businesses; and
- Banks to take responsibility for informing businesses up front about the risks of card not present fraud.

Mike Cherry, Federation of Small Businesses Home Affairs Chairman, said:

“E-crime is becoming an increasingly serious issue for small firms, which are losing up to £800 a year to fraud and online crime – a cost which could have a significant impact on a small business.

“The internet is a huge and unregulated area but businesses have to have confidence that there are at least some structures there to support them. It is important that the Met Police E Crime Unit and the National Fraud Reporting Centre must work hand in hand to set up an effective system to gather intelligence and use it to investigate and prosecute when this crime occurs. Businesses are currently simply being left very exposed.”

Related articles:

Is your PC as healthy as you are?

A guide to protecting your PC

Related link:

XLN Secure