23% of tradespeople surveyed by NFU Mutual had fallen victim to a cyber attack or cyber crime in 2023
UK tradespeople are being warned to enhance their digital security, as nearly a quarter reported falling victim to cyber crime in the last year. Of 500 people surveyed by OnePoll on behalf of NFU Mutual, 23% had suffered a “cyber attack or cyber incident” in 2023.
Seven out of ten tradespeople were concerned about the threats posed by cyber crime to them and their business, with 35% saying that they were ‘very concerned’.
However, a significant number(14%) of UK tradespeople were seemingly unconcerned, raising concerns about underestimating cyber criminals.
Any kind of digital technology can become compromised
James Trevis, NFU Mutual’s cyber specialist, said: “Cyber crime is sadly an ever-increasing threat to our industries – and tradespeople are no different – so we’re urging bosses and employees to stay vigilant and do all they can to avoid falling victim.
“It’s important to remember that if you utilise digital technology in any way to run your business, you’re potentially exposing yourself to cyber security threats – and the ramifications can be very serious.
“From financial fraud and loss of income to reputational damage and even legal liability, tradespeople should be aware of the cyber risks they face.
“Tradespeople are a pillar of our communities so it is vital they feel they are protected and supported should the worst happen.”
NFU Mutual highlighted the following as key points of risk for opportunistic cyber crime:
- The use of laptops and computers, tablets or mobile phones to communicate with customers, order materials and book jobs.
- Servers or digital storage facilities to hold customer and employee data.
- A website to promote your business and book work.
- The use of online banking to transfer funds, purchase supplies and receive payment from customers.
- Internet connected devices – such as office computer networks, CCTV and lighting.
To help protect your trade business, consider following these tips:
- Use strong passwords – but crucially don’t use the same log in details or passwords across multiple accounts and services, always separate personal and business accounts.
- Implement Two Step Verification (Multifactor Authentication) – this is a simple method which requires two different methods to ‘prove’ your identity before you can use a service, generally a password plus one other method such as a text message or fingerprint.
- Ensure all software is up to date and kept updated on a regular basis.
- Back up your files and data weekly and store on a separate, secure device.
- Educate employees around cyber crime, including how to spot potentially dangerous or fraudulent emails.
- Install a firewall and anti-virus software on all company devices and keep them updated.
- Make sure factory set passwords are changed and equipment is set up with security in mind.
- Where appropriate, use a Virtual Private Network (VPN) when allowing employees access to company systems remotely. Ensure this too is protected by Two Step Verification.
- Don’t neglect physical security – ensuring all company devices are securely stored and locked away when not in use is just as important.