SMEs have been warned to be on their guard after national audit, tax, advisory and risk firm Crowe is warning of a huge surge in cybercrime since COVID-19 hit the UK.
Chris Mould, Audit Partner in Crowe’s Cheltenham office, said: “The figures are even worse than they first appear.
“The latest UK crime statistics from the ONS (Office of National Statistics) show an increase of 65 per cent in cybercrime since April 2020, with cybercrime and fraud now representing more than 50 per cent of all crime.
“Government statistics for 2019 show that 46 per cent of all organisations suffered a cybercrime breach, but since April 2020 this has surged significantly – through our own calculations we believe there has been a 344 per cent surge in cybercrime in the past three months alone.
“Our concern is that many SMEs have taken their eye off the ball while faced with the issues raised by COVID-19 and now Brexit rearing its head again.”
He pointed out that most large organisations have sophisticated procedures and defences in place to guard against cybercrime but this simply is not true of SMEs who may be considered an “easy touch”.
“Most business owners will tell you they are aware of the risks but not so many know how to apply their limited and depleted resources to guarding against the threat of fraud and cybercrime.”
The World Economic Forum has warned that new working patterns, leading to cyber attacks and data fraud, are the most likely technology fallout risk for the world as a result of from COVID-19.
Chris added: “Most organisations have taken action of some kind but they tell us their biggest challenge is knowing where to target their limited resources, and spend, to make a realistic improvement in resilience to the rapidly evolving cyber threat.”
Crowe has developed significant expertise in this area in recent years, including external and internal vulnerability assessments and searches on the Dark Web for compromised emails and passwords, often available for as little as $2.
Jim Gee, Crowe Partner and Head of Forensic and Counter Fraud Services, said: “The initial stages of a fraud investigation are very important.
“Organisations that fail to observe the correct protocols are likely to encounter significant problems.
“Doing the wrong thing, however well-intentioned, may prevent discovery of what happened, limit the recovery of losses, limit the full range of sanctions which might be available, and leave an organisation open to legal claims under data protection, human rights and employment law.
“If you suspect a fraud is underway, before you do anything, speak to a professionally qualified counter fraud specialist.”