A STRING of Gibraltar businesses have been stung by cyber criminals, leaving them over £1 million out of pocket.
Police described the problem as ‘one of the biggest threats to Gibraltar’, after the incredible sum was siphoned from up to 100 companies in the last month alone.
Using a series of elaborate ‘phishing’ scams, cybercrooks are attacking vulnerable businesses, with firms on the Rock currently facing a shocking 1,000 cyber-assaults daily.
Most of the businesses targeted are ‘small, privately-run firms’, however larger companies are also said to be ‘at risk’.
One victim, Bruno Callaghan, of Callaghan Insurance Brokers said he was ‘horrified’ by a recent cyberattack.
Losing £18,000 to a phishing email scam, Callaghan is now at the forefront of a team tackling the problem.
Organising an emergency meeting with targeted businesses as well as the Financial Services Commission (FSC), Callaghan is urging companies to ‘up their defences’.
“There is huge stigma attached to being duped,” Callaghan told the Olive Press. “But this is a problem that will not go away, it is only going to get worse and people cannot be ashamed if caught out.
“I would urge other businesses to take out cyber insurance so they are not had like we were.
“The FSC and the police are doing what they can, but Gibraltar’s businesses must also work together to protect themselves.”
The FSC and police are indeed now working to ‘improve security systems and implement new firewalls’ into Gibraltar’s three internet service providers.
“Gibraltar suffers from thousands of attacks daily,” FSC chief information officer Alan Pereira told the Olive Press.
“We are seeing more instances of Cybercrime creeping into our jurisdiction, with highly complex individuals capable of committing crimes that lead to terrorist acts.
“Taking measures is now a priority. It is no longer nice to have cyber security; it is essential.”
Meanwhile a police spokesman told the Olive Press that cybercrime is now ‘one of the biggest threats to Gibraltar’s economy.
“Although this type of criminal activity has been around for years, the methods are becoming increasingly sophisticated,” he said.
“We believe that prevention through education is key, and we are urging businesses to seek help.”
Ironically, the clampdown is being launched just a month after one of Britain’s ‘greatest online fraudsters’ gave businessmen and technology experts on the Rock a lesson in cybercrime.
Once considered ‘underworld royalty’, stealing over £30 million from online retailers, convicted cyber criminal Tony Sales warned businesses they would become an increasing target unless they tightened their virtual defences.
“The online world is a fraudster’s playground,” Sales said. “The amount of online companies, especially in the gaming industry makes Gibraltar a prime target for online crooks.”
“improve security systems and implement new firewalls”
Firewalls don’t protect against phishing, which is actually classed as “social engineering”, indeed phishing is not strictly “cybercrime” at all since it does not require penetration (hacking) of systems, and phishing can be done over the telephone and via the conventional mail. Using information gleaned and aggregated from existing sources, the attacker (read fraudster) is really just acquiring trust falsely. The act is not really even “stealing”, as the fraudster is not taking anything – they are even being given the funds by duping the other person. A most complex crime to even define.
This sort of crime can be mitigated and actually stopped very easily, but it requires very strict working practices that must be drummed in to people so they act correctly, almost by instinct, and the perpetrator knows that in the busy cut-and-thrust business world, those rules can be forgotten for a brief moment. Trust no one is a good place to start, I find.