Cyber security is becoming a top priority for UK businesses as the attack landscape continues to grow. Cyber-attacks are constantly improving and diversifying, putting UK businesses at increasing risk.
Ransomware and Crypto-Mining
During the previous 12 months ransomware attacks such as WannaCry have been a persistent threat to organisations and it’s becoming more common for businesses to pay the fraudsters in order to secure the release of their data. In the worst cases, the data is not recovered despite the ransom having been paid.
Another growing trend is the targeting of business IT infrastructure, not for the valuable data it holds, but for its processing power. Crypto-mining attacks, in which criminals use ‘captured’ business’ systems to mine lucrative cryptocurrencies, is now one of the most common reasons for attacks. Earlier this year the first SCADA crypto-miner was seen and it was also revealed that car manufacturer Tesla’s cloud environment was used to mine cryptocurrencies.
These attacks show why cyber security is now firmly on the national agenda for governments and companies in the UK and Europe. Back in November 2016, the UK government launched its National Cyber Security Strategy, setting out plans to make Britain more secure and resilient in cyber space.
In 2017, the National Cyber Security Centre issued a warning that UK critical infrastructure such as power stations are at risk of attack, citing Russia as a major threat to national security. This will become even more important to both the UK and its European neighbours as the country prepares to leave the EU in 2019.
PwC Global State of Information Security Survey 2018
According to the PwC Global State of Information Security Survey 2018, the business impact of cyber-attacks is increasing. Moreover, over a quarter of companies (28%) do not know how many breaches they have had.
Although the average total financial cost of incidents decreased this year to £857,000, the impact of breaches was felt more widely across both business operations and data. Indeed, companies faced an average of 19 hours of down-time following an attack and customer records were compromised at one in four organisations.
According to PwC there is a lot of scope for improved industry collaboration to fight cyber-crime. Only two in five UK companies (44%) formally collaborate with industry peers to improve security and reduce the potential for future risks, compared with 54% across Europe and 58% globally.