UK Firms Deluged with Cyber-Attacks in 2017
UK firms were hit by over 230,000 cyber-attacks each in 2017, with the majority targeting connected devices, according to new data from Beaming.
The business ISP analyzed attacks on thousands of its customers in real-time and recorded on average 633 attempts each day to penetrate their corporate networks, amounting to 231,028 attempts over the course of the year per firm.
That’s up slightly on the 228,659 attacks per business spotted by the Hastings-based ISP in 2016.
Some 70% of attacks targeted connected devices such as networked security cameras, according to the research.
Internet of Things devices and endpoints are increasingly seen as a potential weakness in corporate security systems, exposing organizations to the risk of compromise.
In July last year, researchers uncovered a widespread new flaw in a popular web services toolkit which may affect as many as tens of millions of connected devices. Devil’s Ivy was found in 249 models of connected cameras produced by Axis Communications.
Then, in November, Trend Micro research found 2.5 million exposed cyber assets in London alone — including many smart and connected devices — all via a simple Shodan search.
Between Q1 and Q4 2017, Beaming reported a six-fold increase in attacks targeting company databases, while attempts to hijack Domain Name Systems soared five-fold and attacks on remote desktop systems tripled.
Managing director, Sonia Blizzard, explained that 2017 was the worst year yet for cyber threats targeting UK firms.
“With most attacks targeting relatively simple devices connected to the Internet of Things it is possible many companies are already infected and don’t know about it,” she added.
"Keeping anti-virus software up-to-date is a good first step, but it isn’t enough to combat the growing threat. Businesses need to review their network perimeter regularly, monitor corporate systems for unusual activity and restrict access to personal email and file sharing applications in the workplace."
Blizzard recommended unified threat management devices or managed firewall services with full perimeter control to help mitigate the risks outlined in the report.
Source: Information Security Magazine