Hacker warning of online security for small firms

Ethical hacker Susan Gardner is urging small local businesses to ensure they are cyber safe to prevent illegal hackers accessing their databases. Picture: Michael Gillen
Ethical hacker Susan Gardner is urging small local businesses to ensure they are cyber safe to prevent illegal hackers accessing their databases. Picture: Michael Gillen

A computer hacker is warning small businesses they need to be cyber safe to prevent online crooks accessing their databases for their customers’ private details.

Susan Gardner, who teaches ethical hacking courses at Forth Valley College in Falkirk, is urging local companies to up their levels of online security in the wake of recent high profile attacks on UK-wide communications company TalkTalk and a small hairdressing business in Glasgow, highlighting that it’s not just the big corporations which are at risk from hackers.

Small firms are at as much risk as large corporations are Susan Gardner

The TalkTalk hack was one of the biggest in UK history causing panic among its millions of customers that personal details such as credit card, bank account numbers and passwords had been stolen and were in the hands of criminals.

Ms Gardner, who also has a photographic memory, is legally protected and employed by companies to hack into their systems to expose their weaknesses so organisations can then protect themselves.

She said: “Small firms are at as much risk as large corporations are and they have the same responsibility to keep people’s data secure under the Data Protection Act.

“With businesses hackers are looking to steal data like personal information of staff and customers like names, addresses, credit card numbers or data they can sell to competitors or criminals.

“My advice is to have regular ‘pen’ (penetration) tests which will show up any vulnerabilities that illegal hackers can exploit.”

Governments are investing more money into combating the threat of cyber crime in the future as there is currently a skills shortage, while Forth Valley College is one of just two in Scotland running the new National Progression Award (NPA) Cyber Security Level 5 course.

The Scottish Government is launching a ‘Cyber Resilience Strategy’ later this year, “setting out high level actions that will evolve to keep pace with rapid digital change”.

The Scottish Business Resilience Centre offers cyber security services in Scotland for major public and private organisations.

Chief executive Mandy Haeburn said: “You may think that only large companies like TalkTalk are targets for cyber crime but that is simply not true.

“As small companies do not have large IT departments looking after their cyber security but still have lots of valuable information, they are viewed as ripe and easy pickings for cyber criminals.”