How to Detect and Respond to a Cyber Incident
No security can ever be perfect. Cyber incidents can and will happen to businesses, so we must all be prepared to deal with them.
Greater Manchester Police, like all other police forces, has a dedicated specialist cybercrime team who are highly trained and experienced in investigating cybercrime and putting the victim’s needs at the forefront of the investigation.
It is really important, if you are a business, charity or other organisation which is currently suffering a live cyber-attack (in progress), that you call Greater Manchester Police at any time on 101 or report the attack to Action Fraud on 0300 123 2040 immediately.
Millions of fraud and computer misuse cases are reported to the police every year. But it is important to remember that many of those crimes could have been prevented by making a few small changes in our online behaviour.
The majority of cyber crimes aren’t being reported
Only a fraction of fraud and cybercrime offences occurring in the UK are being reported to the authorities, according to estimates compiled by the Office for National Statistics (ONS) in its new telephone-operated Crime Survey for England and Wales (TCSEW).
According to the 2023 Cyber Security Breaches survey, 21% of businesses have a formal incident response plan in place. We know that 64% of large businesses have a formal incident plan in place. Still, with 32% of all businesses facing cyber attacks in the last 12 months, it's important that every business is prepared should a cyber attack affect it.
Download our Cyber Incident Response Pack
In partnership with the Scottish Business Resilience Centre and the North West Regional Organised Crime Unit, we have created a Cyber Incident Response Pack containing documents to help your business plan its response to a cyber incident. These documents are designed to complement any existing plans or assist you in creating one.
The Cyber Incident Response Pack contains the following:
Incident Response Guide Introduction
Prepare Your Business Checklist
Emergency Contact List Template
Incident Response Communications
Legal Implications of a Cyber Incident
How can I reduce the chance of my business becoming a victim of cybercrime?
To reduce the chances of your business becoming a victim of cybercrime, you don’t need to be a computer expert. Developing a few good online habits drastically reduces your chances of becoming a victim, makes you less vulnerable and helps your business work online safely.
Make your staff aware of the latest cyber security threats, consider security awareness training, download our Cyber Incident Response Pack, and follow the tips below.
Back up your data
Ransomware is a type of malicious software that threatens to publish the victim's data or perpetually block access to it unless they pay a ransom.
Regularly back up all your documents and photos in at least one other place to minimise the risk of losing everything if you get a ransomware virus.
You can back up data onto:
A USB stick.
An external hard drive, making sure that the drive isn't connected at all times, as ransomware can infect devices connected to your network.
A cloud server, making sure that the password you use for cloud servers and backups is a strong password and one you don't use anywhere else.
Be wary of email and text scams
Be careful when opening emails and texts, especially if you don't know the sender. If an email or text is unexpected or seems unusual, even if it’s from a customer you know, ignore it and contact the sender directly to check if they sent it.
Your bank, the police, the NHS, HMRC and reputable companies will never ask for sensitive or financial details of your business via email, phone or text.
To protect your business from scams, known as 'phishing':
Don’t open attachments or click on links in emails or texts from senders you don’t recognise.
Never give out business information, financial details or passwords in response to an email, an unexpected phone call or a text message.
Set up spam filters on all of your accounts.
Don’t respond to emails or texts from unknown sources.
Always go to a website directly by typing out the address yourself when logging into an account.
Remember, the police, banks and government departments like HMRC will never ask you to transfer money from your bank account.
You can forward phishing emails to the National Cyber Security Centre (NCSC) Suspicious Email Reporting Service and forward smishing text messages to your network provider via shortcode 7726; both will take steps to prevent these at the source.
Be careful when using social networks
Social networks are a great way of keeping in touch with customers, but be careful about how much information you share.
Once you post or share something on any social media profile, it’s out of your control and could be shared and used by others, even if you delete it.
Make sure you:
Review and check your privacy settings regularly, as updates can affect settings.
Don’t add or accept ‘friend’ requests from people you don’t know.
Think carefully about the images, videos and content that you share.
Further guidance & support
You can contact the Cyber Resilience Centre for guidance and support during normal office hours at 0161 706 0940 or by dropping us an email. We also provide free guidance on our website, and your business can also encourage your staff to sign up for our free membership.
Members receive regular updates, which include the latest guidance, news and security updates. Our free membership has been tailored for businesses and charities of all sizes who are based in Greater Manchester and the North West.
We have also created the Cyber Security Guide for Small Businesses. It provides small organisations with guidance on what cyber security is and the different types of cybercrime, along with further free resources and support.