The state of UK cybersecurity and what citizens can do to protect themselves


The current COVID-19 pandemic has sent the world into a frenzy. People stuck in quarantine, businesses moving to a work-from-home model, the entertainment industry stagnating: the world seems to have slowed down in the face of the pandemic. But one group that hasn’t slowed down—the people that have taken advantage of the chaos sowed by COVID? Cybercriminals.

Cybercriminals know an opportunity when they see one. No better evidence of this exists than the National Cyber Security Centre publishing an official warning of criminals and scammers exploiting the COVID-19 pandemic for personal gain.

But what are cybercriminals doing, exactly? Let’s take a look. Keep in mind that the cyber-threats listed below existed before the pandemic and will exist after but pose a greater risk to UK citizens as cybercriminals grow more adept during the pandemic.

3 cyber-threats facing the UK

1. Phishing scams

Phishing is the practice of using social engineering, gaslighting, and other forms of manipulation to extract personal information out of the victim. For example, an email claiming you won a $500 gift card to Amazon is a phishing scam—you will be forced to give up your credit card info and personal information in exchange for the “reward”.

Phishing scams affect both individuals and businesses, but many people around the world fall for phishing scams every year.

2. Data breaches

According to a report published by Carbon Black, up to 88% of companies in the UK have suffered some sort of data breach in the past 12 months. IBM also reports that each data breach costs an average of $3.88 million!

Data breaches not only hurt—or even kill—businesses, but citizens as well. Often, users’ data is the type of data that is breached and stolen, putting many citizens at risk of identity theft, fraud, and various other identity crimes.

3. Ransomware attacks

The 2017 WannaCry attacks set a standard for cybercriminals—a standard that continues to haunt the cybersecurity industry. Many cybercriminals know the value of ransomware, and so ransomware attacks have increased since WannaCry, with Emsisoft reporting that ransomware attacks increased by 41% in 2019.

Ransomware attacks cost a lot to fix, costing business tens to hundreds of thousands of dollars. And citizens? Citizens run the risk of having their stolen or lost, their devices bricked in the worst-case scenario.

5 ways citizens and businesses can protect against cyber-threats

Using a VPN

With so many threats facing the public, it seems impossible to avoid every single cybercriminal or cyber-attack out there. And while that’s true—people will always be caught off-guard by the latest threat—there are ways to protect yourself. One way to do so is by using a VPN.

A Virtual Private Network (VPN) encrypts your device’s data and makes sure your network activity is masked, hidden from everyone else on the network. This ensures your data stays safe and keeps you from becoming a target.

Updating your software

It’s impossible for software developers to know the next big threat. So, when they ship a piece of software and a new form of ransomware or virus pops up, they’re quick to start working on a security patch.

However, not every new security threat makes headlines or is even known about by the general public. Because of this, many security fixes are included in general updates.

Neglecting these updates puts your devices at risk, so always update your device to the latest software version.

Training your employees on basic cybersecurity etiquette

Most data breaches are only possible due to human error, says a report done by IBM. People often make mistakes, and not even the smartest person in the world is invulnerable to the occasional slip-up. However, many citizens and employees don’t know basic cybersecurity.

Take some time to train yourself and any of your employees about cybersecurity issues and what they can do to protect themselves. Doing so will reduce the risk of future data breaches.

Using unique passwords

User accounts are a goldmine for any cybercriminal. Payment information, personal information, user history: user accounts contain enough information for these criminals to make money and—depending on the account—commit identity theft.

Avoiding a hacked account is as easy as using a unique password for each of your accounts. And if you don’t feel secure enough doing that, turn on two-factor authentication for extra security.

Avoiding suspicious links and websites

Scammers utilizing phishing techniques often count on links and ads to trick users and gather information. Because of this, it’s important you stay vigilant and avoid any suspicious link or website.

By suspicious link, I mean links sent to you from a random user or email. And by suspicious website, I mean a website that looks unfinished, has tons of ads floating around the page, and asks for personal information.