An average UK business faced as many as 65,000 internet-borne cyber attacks between April and June, up from around 42,000 in the first three months of the year.
Database applications of UK businesses were targeted 105 times each on a daily basis, up from just 14 in the previous quarter.
Despite growing awareness among UK businesses about cyber security, social engineering, and phishing scams, the number of attacks faced by each business grew by 52 per cent between April and June compared to the previous quarter.
According to a report from Beaming, a business ISP, two out of every three cyber attacks faced by UK businesses between April and June were focussed on disrupting connected devices like networked security cameras and building control systems.
At the same time, hackers increased their focus on breaching company databases to gain access to sensitive information on companies as well as their customers. While an average company database faced 14 cyber-attacks every day between January and March, the number rose to 105 attacks per day between April and June, signalling a decisive shift in the approach adopted by hackers.
The total number of cyber-attacks on an average UK business, including those targeting databases as well as those targeting connected devices, rose to an alarming 65,000 between April and June compared to just over 42,000 between January and March.
“Major organisations have been brought to their knees to by global cyber attacks and our research shows the likes of Wannacry are just the tip of the iceberg. UK businesses were targeted more than 700 times each on a daily basis by hackers over the last three months, who focused on hijacking connected devices and databases,” said Sonia Blizzard, managing director of Beaming.
“The majority of internet-borne cyber attacks are automated computer scripts that search the web for weaknesses and attack company firewalls for vulnerabilities constantly. Businesses need to keep these vital defences up-to-date, prioritise security over convenience and ensure employees understand both the evolving threat and their cyber security responsibilities.”
Reasons behind the spike in cyber-attacks are many, but the most significant is the usage of infrastructure-targeting malware, the success of which has emboldened hackers to target more and more industries and businesses.
Through malware injections, hackers are capable of finding vulnerabilities in industrial systems and use them to alter or damage operations. At the same time, hackers are also employing potent ransomware that can brick systems and force users to decide on either paying up or losing their data.
‘We know the scale of the threat is significant: one in three small firms and 65% of large businesses are known to have, experienced a cyber breach or attack in the past year. Of those large firms breached, a quarter were known to have been attacked at least once per month,’ said Matt Hancock, Minister for Digital and Culture while responding to a report commissioned by the Institute of Directors.
The said report revealed some disturbing facts about the preparedness of businesses to tackle cyber-attacks. Out of 845 directors polled by the Institute, 45 percent admitted that they had no formal cyber security strategy, only 44 percent had initiated cyber awareness training and an alarming 40 percent didn’t know who to contact in the event of a cyber-attack.
‘With threats evolving all the time, and demanding new regulations just around the corner, we cannot afford another year of complacency from business. Now is the time for firms to test their defences and make sure all of their employees, including management, have the right skills and knowledge on cyber security. This isn’t an IT issue, it’s a business survival issue,’ said Stephen Martin, Director General of the Institute of Directors.