UK firms confess cyber crime fears


The recent run of high-profile cyber attacks on private and public sector firms has left many UK companies living in fear that the same could happen to them.

This is the view put forward by IT security firm Detica in its annual Cyber Security Monitor report, which features responses from 100 IT decision makers from UK companies whose yearly turnover exceeds 350 million.

It is striking that more organisations have not commissioned work to estimate their exposure to these risks.

According to the report, 85 per cent of respondents expect to see a marked rise in the number of cyber attacks that take place this year.

When asked who would be the most likely candidate to stage an attack against their IT systems, 73 per cent said criminal groups or professional fraudsters. In the 2011 report, this figure was 58 per cent.

Since last year's report, the percentage of IT decision makers concerned about hobbyist hackers or activists launching attacks on their systems has increased from 48 per cent to 56.5 per cent.

Meanwhile, the number of respondents worried about their competitors carrying out attacks has fallen from 48 per cent to 28 per cent during the same time period.

The theft of intellectual property and competitive bid information during a cyber attack was the biggest source of concern for IT decision makers in the technology sector.

Meanwhile, firms in the financial services market are more concerned about loss of customer data, reputational damage and interruptions of service for customers.

"Respondents in the financial services firms are far less likely to be concerned about industrial espionage and competitors and more concerned about the threat of targeted attacks from activists," stated the report.

"This is most likely due to a year of high-profile [offline and online] political activism and may reflect concerns that a new generation of tech-savvy activists might seek to extend campaigns, such as Occupy Wall Street', into the virtual domain."

Thirty-eight per cent of the IT decision makers questioned said they had worked out the likely cost to their business of a cyber attack. Of this group, a third (34 per cent) said an attack on their business would set them back at least 50 million.

The report said: "Given the anticipated high [financial] impacts, and the known high likelihood of suffering an attack, it is striking that more organisations have not commissioned work to estimate their exposure to these risks."

David Harley, senior research fellow at anti-virus software vendor ESET, said the report's findings suggest end users can no longer assume that cyber attacks only happen to household names.

"It doesn't take a very large crystal ball to predict that attacks are likely to increase. However, I'd love to know what precautions those respondents are taking that makes them so confident that they can resist targeted attacks," he said.

Caroline Donnelly is the news and analysis editor of IT Pro and its sister site Cloud Pro, and covers general news, as well as the storage, security, public sector, cloud and Microsoft beats. Caroline has been a member of the IT Pro/Cloud Pro team since March 2012, and has previously worked as a reporter at several B2B publications, including UK channel magazine CRN, and as features writer for local weekly newspaper, The Slough and Windsor Observer. She studied Medical Biochemistry at the University of Leicester and completed a Postgraduate Diploma in Magazine Journalism at PMA Training in 2006.