The boss of a Tyneside recruitment agency that suffered a cyber attack in recent weeks has called on other small businesses to be vigilant.
Ashleigh Wright, the managing director of Gateshead-based Westwray Recruitment, now believes it is “not a case of if but when” it will happen to other firms, having dealt with the fallout of a botched ransomware attack at the hands of online criminals. Westwray’s team of 20 have worked around the clock to pick up the pieces after a weekend attack left them without access to the £6.5m turnover firm’s systems.
Following investigations by the company’s IT provider, it became apparent an attack had taken place and some encrypted data lost that is thought to be low value items that could be found elsewhere on the web. However, Westwray is hopeful the hackers have been unable to access the data owing to a specialist software it uses and supported by the fact the business has not actually received a ransom note demanding money.
Ms Wright has talked of the experience as “one of the scariest things that could have happened” and that until it happened to Westwray, she had not appreciated that small businesses could be a target. The attack impacted Westwray’s ability to pay around 200 temporary staff on its books, with the business scrambling to re-input about three months worth of data and Ms Wright personally calling each temp to explain the delay before payments were made three days later.
“That was really difficult to have to do that. I was more concerned for them - at that point - than I was for my business, because it’s their livelihoods at the end of the day,” Ms Wright said.
She added: “I do think we've been lucky compared to other businesses because we’re a service business. We don’t have systems that are connected to machines, for example, which would stop the operations.
"Because we’re a service business and we’re speaking to people every day, that’s pretty much what we do. However, I spoke to a business the other day that’s a manufacturer and it’s impacted on all their machinery. From an operational perspective they haven’t been able to get up and running yet.”
Ms Wright told BusinessLive that despite having cyber security measures in place, she now realises there is more the business can do and has encouraged other firms of a similar size to consider protection and to ask questions of third party suppliers of digital systems.
“Keep checking and revisiting what you’ve got, and checking that it’s the most up to date," she added. "And from an IT and cyber security perspective - they’re two different things, but they’re linked, which I discovered - you should ask your IT and cyber security providers what they are doing and what updates they’re doing. Just to make sure they’re on the ball with it as well because tech evolves so rapidly, it can be hard to keep up with it.”
Don't miss the latest news and analysis with our regular North East newsletters – /newsletter-preference-centre/?view=Solus&mailingListId=275f6170-1cf5-445c-a2a1-fdaa0722270e&utm_source=solusarticle"> sign up here for free
