Londoners are losing an average of £26 million a month in cyber attacks on businesses and individuals, Scotland Yard warned today.
About 3,500 victims of cyber fraud are recorded in the capital each month, with phishing emails, ransomware and malware the most common scams. Senior Met officers warned fraudsters often target individual employees to bypass company security systems.
Detective Chief Superintendent Mick Gallagher, head of the Met’s Organised Crime Command, said: “We accept organisations and the public generally have the technology and correct processes but it is people that are vulnerable.
“What we are finding is that people are vulnerable through a lack of understanding of the cyber threat.” He said criminals were singling out individuals and targeting them in a “Trojan horse” style tactic to infiltrate firms.
Detective Chief Inspector Gary Miles, head of the Met’s Falcon cyber crime unit, said research showed 89 per cent of firms had installed the right firewalls but fewer than 20 per cent had trained staff to make them aware of threats. It was now easier to exploit an individual than try to breach a company’s cyber defences, he added. The biggest threat was phishing emails to vulnerable employees which allowed fraudsters to access company networks.
Scotland Yard’s cyber crime unit has developed a tabletop exercise which aims to teach business leaders how to protect their companies.
The “deliberately low-tech” Lego game shows the potentially disastrous consequences of weak computer security, such as insecure passwords and out-of-date software. It has already been used in sessions with firms including Tata Steel and Quintain, as well as Scotland Yard’s top officers, including Commissioner Cressida Dick.
In December Grant West, 25, admitted hacking 17 firms including Uber, Sainsbury’s, Asda, Argos, Ladbrokes, Coral and Groupon in order to sell users’ personal data on the dark web. West, of Isle of Sheppey, got hold of the details of 165,000 customers of Just Eat in 2015, Southwark crown court heard.