Support 110 years of independent journalism.

Small businesses urged to improve cybersecurity

The National Cyber Security Centre has launched new services to help SMEs stay safe online.

By Samir Jeraj

Keri Ackling and her husband run a business called Snow Windows, spraying festive designs on to windows at Christmas. It might not be the obvious target of a cyberattack compared with banks, governments and multinationals, but that’s exactly what happened in 2021.

“We received an email to our business account, and things took a turn from there,” Ackling said. The email appeared to be from Instagram and said their account was nearing 10,000 followers and was therefore eligible for extra features, such as going live and blue-tick verification. The email looked legitimate and the information seemed accurate. “I clicked on the link and entered my email and password to verify the account,” she explained. “Not long after I did that, I realised all the posts had been wiped from the Instagram account.”

For a business that prided itself on its visual creations and using them to build their customer base through social media, it was a catastrophic blow. An Instagram Story had been posted to the account, demanding a ransom to be paid in bitcoin to get their account back. “There was never any question of paying it. Aside from not wanting to give in to them, we didn’t have any idea how to get hold of bitcoin,” she said.

Ackling and her husband refused to pay and contacted Instagram, which shut down their account without warning. “Huge amounts of our business came through Instagram and our big fear was that we’d never get the account back at all,” she said. The couple mobilised their customers, which included celebrities and media personalities like Chris Moyles to campaign and get their message out. Eventually the account was reinstated, and the log-in was reset. However, problems persisted with Snow Window’s 200,000-follower Facebook account, which was linked to their Instagram.

[See also: Britain’s broken tax system]

Select and enter your email address Your new guide to the best writing on ideas, politics, books and culture each weekend - from the New Statesman. A quick and essential guide to domestic politics from the New Statesman's Westminster team. A weekly newsletter helping you understand the global economic slowdown. The New Statesman’s weekly environment email. Stay up to date with NS events, subscription offers & updates.
  • Administration / Office
  • Arts and Culture
  • Board Member
  • Business / Corporate Services
  • Client / Customer Services
  • Communications
  • Construction, Works, Engineering
  • Education, Curriculum and Teaching
  • Environment, Conservation and NRM
  • Facility / Grounds Management and Maintenance
  • Finance Management
  • Health - Medical and Nursing Management
  • HR, Training and Organisational Development
  • Information and Communications Technology
  • Information Services, Statistics, Records, Archives
  • Infrastructure Management - Transport, Utilities
  • Legal Officers and Practitioners
  • Librarians and Library Management
  • Management
  • Marketing
  • OH&S, Risk Management
  • Operations Management
  • Planning, Policy, Strategy
  • Printing, Design, Publishing, Web
  • Projects, Programs and Advisors
  • Property, Assets and Fleet Management
  • Public Relations and Media
  • Purchasing and Procurement
  • Quality Management
  • Science and Technical Research and Development
  • Security and Law Enforcement
  • Service Delivery
  • Sport and Recreation
  • Travel, Accommodation, Tourism
  • Wellbeing, Community / Social Services
Visit our privacy Policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications.
THANK YOU

According to the National Cyber Security Centre (NCSC) – a part of GCHQ – more than a third of small businesses suffered a cyber incident last year. The organisations have launched two new services, the Free Cyber Action Plan and Check Your Cyber Security, both of which are designed to help small businesses stay secure online and protect their livelihoods.

Check Your Cyber Security is designed for average computer users to identify and fix cybersecurity issues in businesses, charities, schools and other small organisations that are increasingly being targeted by cybercriminals. “Small businesses are the backbone of the UK, but we know that cybercriminals continue to view them as targets, said Lindy Cameron, the CEO of NCSC.

Content from our partners
How software will make or break sustainability
Sustainable finance can save us from the energy crisis – with the Luxembourg Stock Exchange
How trailblazers are using smart meters to make the move to net zero

Snow Windows is still dealing with the legacy of opening that one email in 2021. “Since the Instagram hack, we’ve been unable to post any adverts on to our Facebook business page – an issue Meta, which owns Facebook and Instagram, has been unable to fix,” Ackling said. Before the attack, Facebook had been a huge source of business and a valuable marketing tool, but it has effectively been paralysed for the past two years. “It was completely heart-sinking,” Ackling said. “You work so long and so hard to build up social media pages and grow your following and everything had just gone.”

“A fifth of small businesses see cybercrime as the most impactful crime in terms of both cost and disruption to their operations,” said Martin McTague, national chair of the Federation of Small Businesses. “Equipping small firms with the right tools and tailor-made guidance could enable them to be more cyber-resilient and in turn reduce costs in real life.”

[See also: Building the business case for growth]