Blog: Tesco Bank hack attack: Warning to SMEs that ignoring security risks could be disastrous

Austen Clark
Austen Clark

Tesco Bank’s online hacking attack has prompted the boss of a North east IT firm to issue a stark warning that cyber crime must be taken very seriously – and not just by national and international brands and corporations.

Small and medium enterprises are just as vulnerable and this latest attack is simply another indication of the damage that can be wreaked by hackers, according to Austen Clark, managing director of Aberdeenshire-based Clark Integrated Technologies.

Tesco Bank has more than 7 million customers accounts and confirmed “fraudulent criminal activity” was first identified late on Saturday with about 20,000 customers have had money taken from their accounts, with “suspicious activity” identified in another 20,000.



Mr Clark, a leading voice in the campaign to ensure owners of SMEs defend against cyber criminals, has urged businesses to wake up to the realities, saying that the fast-paced and ever changing nature of information technology meaning new potential online risks are arising all the time.

Mr Clark states: “Many firms may not realise the risk they face from cyber crime. Governments and multinational corporations are large targets but their increase in awareness and investment in defence against cyber attacks are leading to SMEs producing a more viable focus for hackers.

“There is a serious and important message for companies of all sizes that store and handle personal data. People’s personal information must be securely protected at all times.

“While under-reporting is massive, Federation of Small Business statistics show that two thirds of small businesses have been the victim to cybercrime in the past two years, while over a third of small businesses do not report crimes against their business. It’s time for small businesses to sit up, appreciate the potential severity of cyber-attacks and implement good risk management.”

Cloud computing has resulted in work no longer being a place but a task as flexible and home working options increase in the work place. With reliance on multiple internet connected devices only set to rise as well, cyber crime is something that everyone needs to guard against.

“We’ve observed that attackers are exploiting the new opportunities that these new ways of working creates,” Mr Clark continues.

“Attackers are now aware of your weakest locations, such as off-network devices and remote offices, furthermore they now target specific systems and users

“Attackers have the patience to acquire multiple footholds so then can launch an attack at the proper time – and are more motivated and sophisticated than ever to target company’s data. Data has been the driving force behind the latest attacks and is viewed as the world’s newest currency.”

Thankfully, businesses can increase their security online by securing their IT, having up to date malware protection, managing user privileges and working towards educating workers and raising awareness to of good practice.

Some of the most basic measures include:

  • Allow your software and applications to be updated as soon as possible. These updates often contain vital security updates to protect your devices from new threats.
  • Never use obvious passwords like ‘password’. Add symbols and numbers and a mix of upper and lower case letters to ensure a strong password.
  • Delete and block suspicious e-mails and never open attachments or follow links contained within.
  • Don’t forget smartphones and tablets are at just as much risk from viruses and other forms of malware as computers. Install anti-virus protection, keep it up to date and use it regularly.
  • Educate your staff on the dangers of cyber crime, both to the business and them as an individual and encourage them to use best practice
  • Mr Clark concludes: “The internet brings huge business opportunities but it also brings risks and every single day businesses face cyber-attacks, with attempts to steal information and money, or disrupt business. It is increasingly important to manage these risks to take advantage of the internet whilst protecting your business.

    “Focus on protecting data and standardisation and use independent advisers to manage your interests.

    “If your business does become the victim of hacking, it’s important to dissect a breach after it has occurred as this can help understand how to prevent it from happening again. However, like most things, prevention is so much better than cure.

    “There’s really no such thing as a silver bullet – all systems have weaknesses and vulnerabilities - but there is help and guidance available to help prevent against becoming the next victim of cybercrime.”

    Clark IT is based near Turriff in Aberdeenshire and provides managed ICT solutions to corporate and commercial clients across Scotland and beyond.

    Share icon
    Share this article: