UK businesses were, on average, subjected to almost 230,000 cyber attacks each during 2016, according to new analysis from Beaming, the specialist business ISP. The volume of attacks hitting individual company firewalls passed the 1,000 per day mark, on average, for the first time in November last year.
Hackers focusing on connected devices and the Internet of Things
While a third of attacks against UK businesses attempted to access company databases in the first quarter of 2016, cyber criminals have since shifted their focus to connected devices such as networked security cameras and building control systems that can be controlled remotely over the internet.
There was a 310 per cent increase in the volume of attacks seeking out Internet of Things devices between the first and final quarters of 2016. By the end of last year, more than 90 per cent of cyber attacks on UK businesses sought to take control of connected devices in the workplace.
More cybercriminals targeting UK businesses
Beaming’s analysis indicates that the number of inbound threats against UK businesses has grown during 2016. Beaming recorded a fivefold increase in the number of unique IP addresses used to launch attacks against UK businesses during 2016. More than 98 per cent originated from outside of the UK.
Sonia Blizzard, managing director of Beaming, comments: “As an ISP, we can see what is happening on the internet and take steps to help businesses protect themselves and those they do business with. There are many more elements involved in cyber crime than a year ago. They are launching more sophisticated attacks on UK businesses and covering their tracks carefully.”
“The majority of internet cyber attacks are computer scripts that search the web for weaknesses and probe firewalls constantly for a way in. With the Internet of Things, businesses are punching holes in their own firewalls to provide suppliers with access to devices on their networks. This can open the door to criminals too if not done properly.
“It is imperative that companies regularly review their firewall policies to ensure they are as restrictive as possible and prioritise security over convenience. Once inside, it is relatively easy for hackers to take over connected devices and lie dormant before misusing those assets as part of a bigger hack or distributed denial of service attack at a later stage.
“The cyber threat is real and it is growing. Any business that is connected to the internet needs to take responsibility for cyber security at board level and ensure they are doing everything they can to ensure they don’t expose their people, assets, customers and business partners to greater risk. A modest investment in next generation firewalls, unified threat management devices and intrusion detection makes a lot of sense for most businesses today.”