CYBERCRIME - THE BIGGEST PROBLEMS FOR CYPRIOT SMEs

 Filenews 8 August 2022

The Directorate-General for Migration and Home Affairs (DG HOME) published in May 2022 a report with the results of the Eurobarometer, conducted in November-December 2021, on "SMEs and Cybercrime"[1]. According to the Eurobarometer results, the following conclusions emerged for Small and Medium-sized Enterprises (SMEs)[2] in Cyprus:

1. The biggest problems in relation to cybercrime faced by Cypriot SMEs in the last 12 months concern phishing, account takeover or impersonation attacks (16%) with a rate higher than the EU average (11%) and viruses, spyware or malicious software (excluding ransomware) (8%) with a percentage lower than the EU average (14%). The relevant data for all EU Member States are presented in Table 1 below.

 

 

2.  The most common way in which SMEs fall victim to cybercrime is scams and frauds (52%) with a percentage that is the highest in the EU and almost double the European average of 28% and password cracking (24%) which is the^{5th highest} rate in the EU with the European average standing at 19%.

Taking into account the results of the Eurobarometer, the Digital Security Authority, in order to prevent the above attacks, recommends to all businesses the following:

1. Beware of emails from unknown senders as well as checking the correctness of the e-mail address even if the sender of the email is known. Do not open attachments or links received from unknown senders.
2. Have appropriate anti-virus software installed, capable of protecting the entire range of their network and their equipment.
3. Do not disclose passwords either by phone or by any electronic means.
4. Their codes should be over 12 characters and contain a combination of capital letters, small letters, symbols and numbers to strengthen them.
5. Change passwords frequently.
6. Verify access controls (also known as two-factor authentication), add an extra layer of security to the account in case of password theft.
7. Checking and backing up as well as their recovery procedures.

It is worth noting that a similar survey on cybersecurity issues in businesses had been carried out at national level by the Digital Security Authority in cooperation with the CCCI. The research aimed, among other things, at assessing the needs of businesses with a view to scheduling training seminars on cybersecurity issues. The seminars will take place in the context of the implementation of the actions of the National Cybersecurity Strategy.

[1] https://europa.eu/eurobarometer/surveys/detail/2280

[2] Enterprises with a number of employees between 1 and 249.