HOW SECURE IS YOUR IT?
IT security attacks and fraud? Most SME's think "It won't happen to me", our answer is it just could, and as is so often the case, the cost of recovery, if you can recover, will always outweigh the cost of prevention.
A large travel agency took bookings via credit card on its web site. Obviously this type of business tends to be seasonal, so when business fell somewhat they weren't bothered, but when a few weeks later clients started calling to say that their credit card had been debited, but they had not received their tickets, the firm became anxious.
By consulting an IT security company they found that their web site had been cloned by hackers, but these hackers were not stupid; they never are. They had made an identical copy of the web site (about one hour of work if you know what you are doing) and taken control of the real web site without the agency knowing. When someone booked on line and went to checkout, the Hackers redirected them to their own "cloned" site and processed the credit card payment into their own bank account. The client booking the trip was not aware that they were on a cloned site.
But here is the clever thing, the Hackers only "stole" every other transaction. The result one wealthy hacker and a fraud that took three weeks to detect; they were gone by then.
So what could the travel agency have done? They could have had their web site checked to make sure it was secure.
A Gartner report said: 90% of all websites are not secure.
They could then have had their website checked daily to make sure that it remained secure, this testing could have prevented the fraud, or at least made the identification of an attack no more than 24 hours.
So why did they choose this travel agency , the answer is that no one really knows, but Hackers often set their computers to scan the world wide web for web sites with "open doors". An open door is a vulnerability in a web site which a knowledgeable hacker can exploit. Finding these open doors can be completely randomly. When they get up next morning they see what open doors have been found and arbitrarily choose one where they think that they can commit a worthwhile fraud. Still think it won't happen to you?
Rabjohns has teamed up with IT security specialists encription limited, see www.encription.co.uk, and can now offer you a complete range of IT security health checks to include your web site, your IT infrastructure and your staff, often the weakest link!
Encription carry out IT security work on behalf of a large number of Public Sector bodies as well a large corporates and small to medium companies.
For more information on how Rabjohns LLP can help your business get the most out of its IT investment contact Pete Grayer on 01905 732119