UK stung by 140% increase in cyber-attacks

15 May 2019 Consultancy.uk

Cyber-attacks in the UK spiralled upwards by 140% in 2018, according to a recent cyber-threat landscape report. According to the paper, a rise in botnet activity also saw 40% of small and mid-sized businesses impacted by at least one cyber-attack over the 12-month period.

While digital technology has revolutionised modern business, the vast and rapid changes it has led to have also presented huge opportunities for digital-savvy scam-artists. Illustrating the extent to which digital disruption has also opened innumerable doors for cyber-criminals, cyber-crime has boomed in the last decade. In the final quarter of 2018, a study commissioned by Bromium found that the cyber-crime economy has grown to an estimated $1.5 trillion annually. That ‘conservative’ figure alone is so large that if it constituted a national GDP, it would be the world’s 13th largest economy.

Now, a new study from computer and network security company eSentire has found that cyber-attacks in the UK spiked by a colossal margin over the course of last year. According to the study, Britain was stung by 140% more cyber-attacks than the year previous, something driven chiefly by a global increase in botnet activity. This increase in attack traffic also caused nearly 40% of small and medium enterprises in the UK to experience at least one cybersecurity incident.

UK stung by 140% increase in cyber-attacks

A botnet is a number of Internet-connected devices, each of which is running one or more bots. The method can be deployed in a distributed denial-of-service attack, and allows the attacker to steal data, send spam, and access the device and its connection. The tactic drove significant increases in the number of exploits (10%), malware (45%) and scanning (15%) detections observed by eSentire during 2018, while only phishing – still a significant threat to UK businesses – saw a decrease in observed incidents (20%).

Digital opportunities

As has previously been stated, increased digitalisation, particularly within ‘Industry 4.0’ and the ‘Industrial Internet of Things’ can create additional avenues for attackers to penetrate systems. Recent studies found that IoT (the interconnection via the Internet of computing devices embedded in everyday objects, enabling them to send and receive data) could add $14.2 trillion to the GDP of 20 major economies by 2030, and that Industry 4.0 is set to receive almost $4.5 trillion in funding over the coming five years.

This new connectedness leaves companies and individuals vulnerable, however. Now, a single breach in some far-flung nook of a company could compromise an entire network. Understandably, then, attacks on IoT devices have also seen significant growth, with “a growing trend in IoT exploits targeting cameras, door controllers, surveillance equipment and media devices throughout our global customer base.” In the UK, this saw the vast majority of observed exploits specifically impacting devices manufactured by AVTech, a leading manufacturer of video surveillance and monitoring equipment.

The researchers also found that attackers were still keen on deploying Dropbox-themed phishing lures. Fortunately, the report found that employees in the UK are actually better than their global counterparts at preventing malicious attacks, including phishing attacks, despite evidence that organisations in the UK had a higher percentage of exploit attacks than the global average. This comes months after a SailPoint survey found that almost 80% of UK workers see regulatory and security compliance as the responsibility of everyone in an organisation.

Commenting on the findings, Alex Jinivizian, eSentire Vice President for Strategy and International Marketing, remarked, "We hope that this data will not only be a benefit to those businesses based solely in the UK but also be of benefit to international businesses that have customers, employees and offices in the region as well."