In a week that has been dominated by news of cyberattacks and hacking on a global scale, a report has been released warning that UK businesses need to spend significantly more to defend themselves against both commercially motivated and state-sponsored attacks.
In the past seven days alone, 380,000 of British Airways’ customers have had their financial details stolen by hackers, North Korea has been accused by the US government of being behind the 2017 WannaCry ransomware attack that cost global business billions and the UK government’s security minister has warned that hackers from hostile states attack UK computer networks “on a daily basis.”
Ben Wallace MP, claimed the majority of attacks are state sponsored and that is backed up by a report from US cybersecurity firm Carbon Black. According to its latest Quarterly Incident Response Threat Report, IT leaders are unambiguously pointing the finger at Russia and China for originating the vast majority of cyberattacks.
Yet the Report also identifies North America as the starting point for more attacks than Iran and North Korea which are next on the list. Cybercriminals are seeking more than just financial gain or IP theft – 35% of IT heads say attackers’ end goal is espionage.
UK companies are particularly vulnerable to attack with 82% reporting an increase in cyberattacks in the past 12 months and over nine in ten of these attacks having become more sophisticated, according to the second study by Carbon Black released today.
92% of UK companies say they have been breached in the last 12 months with well over half (58%) saying they have been breached three times or more in the last 12 months.
It’s now estimated that the cybercrime community is spending $1 trillion a year on hacking, malicious attacks and breaches. By comparison, the amount spent by business worldwide on protecting itself from them is put at just $96 billion. In other words, companies and organisations are being outspent by a ratio of 10 to 1 on cyberspace weaponry.
Carbon Black say businesses everywhere – but particularly in Britain – are being naïve about the scale and the sophistication of the evolving cybercrime community, relying on outdated antivirus and firewall tools for protection instead of taking proactive steps to address the problem.
Worryingly for UK PLCs, almost half (45%) of the companies surveyed said they would not be increasing their cyber defence budget by more than a fifth in the next year, with some even planning to reduce their total spend.
An interview with Rick McElroy, Head of Security Strategy at Carbon Black can be seen here: