UK businesses are facing more cyber-attacks than ever
More online attacks are being launched against UK businesses than ever before according to a new report from the National Cyber Security Centre (NCSC), which is part of GCHQ.
‘The Cyber Threat to UK Business’ report details some of the biggest cyber-attacks from the last year and notes that risks to UK businesses continue to grow.
Emerging threats are also highlighted, such as theft from cloud storage and cryptojacking, in which computers are hijacked to create cryptocurrencies such as bitcoin.
Cryptocurrency mining scripts were even found hidden on UK and other government websites in February. https://eandt.theiet.org/content/articles/2018/02/uk-government-websites-infected-with-cryptocurrency-mining-script/
Criminals have access to “nation-state grade capabilities” to cause chaos on a global scale, the report said.
This includes crippling websites and stealing swathes of personal information, said Oliver Gower, deputy director for cybercrime at the National Crime Agency (NCA) which co-wrote the report.
Cybercrime is classed as a tier-one threat, alongside terrorism, war and natural disasters, because it threatens a vital part of the national infrastructure.
“We are seeing more cyber attacks on UK businesses than ever before,” Gower said.
“We’re seeing these across a whole range of victims from large multinational companies to sole traders and small and medium sized businesses. Overall, the threat is becoming more severe.
From next month businesses could face large fines if they fail to tell the Information Commissioner’s Office about data breaches. https://eandt.theiet.org/content/articles/2018/01/government-to-fine-companies-with-poor-cyber-security-up-to-17m/
“We’ve seen when companies have tried to cover it up that has caused more harm,” he continued.
“With Uber they paid the criminals 100,000 US dollars to have the data deleted but in time these things come out and it does more damage to public trust if you haven’t been upfront.
“One of the most important things for businesses is to be prepared and have a very good resilience plan for when this happens, including a comms plan about how to tell customers and to help customers protect themselves to limit the harm.”
The report says many cyber-attacks can be prevented or mitigated by just following basic security measures.
It reveals that the NCSC, that was set up in 2016 as part of a £1.9bn plan to tackle cybercrime, dealt with 34 significant cyber-attacks between October 2016 and the end of 2017.
The biggest was the devastating international strike on bodies including the UK National Health Service. It also recorded 762 “less serious incidents”.
The NCA leads law enforcement efforts to stop hackers, and Gower said he wants to get to the stage where any police officer can give advice about online security.
He said: “It should be in modern policing in the 21st century that speaking to any police officer you can receive advice about how to stay secure, not just in the real world but online as well. That’s where we need to get to.”