The Public Liability Insurance Blog

Why do we know so little about cyber crime?

Apple IIThis week, MPs have warned that the UK is losing the fight against internet crime. It’s estimated that organised gangs of cyber-criminals from approximately 25 different countries specifically target the UK.

This problem could very easily be as the result of ignorance rather than infrastructure. Last week we issued a press release based on some research we carried out with the help of our clients. Approximately 60% of respondents had no idea what cyber theft is and only 20% thought they might be insured against it.

While those statistics certainly could be worse, that’s still quite a staggering amount. You could argue that some of the 60% just hadn’t heard the phrase cyber theft before but are familiar with the ideas of people hacking into computers and stealing confidential files, and some of the 40% might have assumed it was about Farmville cow-rustling or something, but regardless, it is true that many people just aren’t aware that their computers are a vulnerability.

This is surprising when looking at wider statistics. In the small business world, 87% of firms fall victim to cyber crime every year according to the Department for Business Innovation and Skills, so theoretically it’s actually a minority of companies that haven’t suffered from this already, yet people are still shaky on what it is.

The problem could extend far beyond a simple issue of business knowledge and risk awareness however. This could be as a result of our entire collective perception of what a computer is.

Computer: The mischievous house guest

We’ve lived with computers in our homes for a good quarter of a century now. Originally taking the form of work horses running spreadsheets, databases and word processors, they have gradually shifted away from this and with the ubiquitous nature of the internet, it has pushed the computer over into a full blown entertainer for many people.

When a device allows for communication and the viewing of videos, then consumers and the general population is going to lump it in with the same group of utilities as the television and the telephone, both obedient devices that have existed in living rooms like loyal dogs for much longer than the computer has.

Unfortunately, the computer is a very different creature than both the telephone and the television. To take television as the most common comparison, whereas the television is passive simply reacting to your commands and presenting information to you, the computer is more insidious than this.

You watch television and you watch a computer. The computer however watches back.

Cookies are just the beginning

Cyber theftSpend any time on the internet and you will have noticed that most websites now have to tell you that they use cookies. You may not know what a cookie is and you would not be alone in this, but European legislation has declared that you must be informed when they are being used. A cookie is however an excellent example of what we mean by the computer watching you.

In essence, a cookie is a small file placed on your computer by a website that watches what you do on that site and reports back, allowing that site to adapt its behaviour to you and make the experience more comfortable. Maybe it remembers what you’ve searched for, perhaps it stores your user name and password, maybe it just keeps track of which pages you look at. The point is, that little record of what you’re doing is going from your computer to the website. In other words, that website is watching you and adapting to you.

The cookie is a very simple form of this and it doesn’t take much imagination to work out what more nefarious individuals might be able to do with this sort of functionality. If certain files make their way on to your computer, they can report back all sorts of information, for example a key logger will be able to report back to a third party exactly which keys you are pressing on your keyboard making it an excellent way of swiping passwords. Other pieces of software will simply open up access to your computer from a remote location, meaning someone else can see everything on your hard-drive and do whatever they like with it.

Understanding and education

We don’t on the whole understand computers very well and nobody really tells us about them. They are sold to us as machines that will solve all of our problems without us realising that they create new ones. We are encouraged to sign up for sites that quietly mine and collate personal information to sell (or at least bait) advertisers with, we buy things online and are then surprised when ads for similar products start chasing us round the internet and all the while we haven’t been adequately told why this is all happening.

A lot of people are even unaware that when you access a website, you are basically accessing another computer. That’s all the internet is –computers all connected together, each hosting web-facing pages and applications. It’s incredibly clever, we’re all very comfortable using it, but a lot of us don’t understand it and even those of us that do probably don’t understand it half as much as they think they do.

Unfortunately, many of those that do understand it are getting very good at exploiting it.

Click ok to continue

Why don’t more people know about cyber theft? Probably because a lot of people don’t know about computers despite using them every day. There are a good number of anti-virus software companies that probably go too far the other way and try to scare people into buying their software, almost inventing threats for you to be scared of, but there’s a bead in truth in the sentiment at least.

This problem isn’t going to go away either as the lines continue to blur between devices - people often don’t acknowledge that the same issues with a PC will affect an iPad or a smartphone, which are simply computers with different interfaces. We’re walking around with computers in our pockets and we still don’t understand them.

The big question is what can you practically do about this influx of cyber crime and this constant quiet threat lurking in your homes and offices. The first thing you can do is get some kind of insurance protection in place. Any decent broker will be able to give you a full explanation and tell you whether you need it and what sort of risk you are at if you are at all uncertain.

However, even from a personal standpoint, you might also benefit from educating yourself a little more about the dangers of computers in general. Beyond Facebook, Youtube and other common internet haunts, you would be amazed at just how much important personal information that little box has access to.

Written by David Hing for YOUR Insurance, a broker that can help you set up insurance against cyber theft.