A cyber security expert has warned UK businesses that it is crucial to constantly evolve digital security solutions to meet an ever changing, dynamic threat.
The National Cyber Security Centre (NCSC) prevented a record number of cyber attacks in 2021. Despite this, cyber crime still cost the UK economy a huge £2.5bn in stolen revenue in the same year. This figure is likely to increase in 2022. The world is a different place than what it was 12 months ago and cyber security threats have risen in line with threats of peace in Europe.
In order to tackle the present and growing threat of cyber attacks, the UK Government introduced new legislature this year aimed at tackling serious cyber crime. Companies working in key sectors must put in place stringent cyber security measures. Failure to do so could see fines as high as £17m being levied.
War In Ukraine Has Increased The UK’s Cyber Crime Threat
There are very real concerns that Russian state-backed actors could retaliate against what Russia deem as unfair sanctions imposed upon it. Financial Technology Research Centre director Ian McKenna is aware of the cyber security threat posed by Russia.
“Russia is generally a centre for cybercrime activity, but it is also well known that they have developed major cyber warfare capability,” before warning of the “high risk that they will attack the institutions that are being used to impose sanctions and freeze assets”.
Although the threat is greater for large organisations deemed vital to the UK infrastructure, there still remains a serious threat for smaller UK businesses. The increase in ‘ping activities’ from Russia suggests that malicious actors are actively probing organisations for weaknesses.
How Do Cyber Attacks Take Place?
Globally, a huge 91% of all cyber attacks begin with a phishing email, it’s how access is gained. On the whole, phishing emails are generally easy to defend against; don’t open them, report them to your IT department or IT provider. However, worryingly a study found that 78% of employees will still click on a suspicious looking link.
This suggests that education into cyber security is just as important as the digital defences deployed against an attack. It’s certainly a case of prevention is better than the cure.
Touching on the ominous Russian actor threat, John Edwards of the Information Commissioners’ Office understands the very real modern day threat to all UK businesses.
“This is a different era from blacking out the windows and keeping the lights off. The threats are going to come in through your inbox.”
A further cyber security failing for UK businesses comes through the ‘digital supply chain’, research shows that just 12% of businesses monitor the cyber security risks from suppliers. There is an assumption that these suppliers have robust digital security measures in place, however this is not always the case.
To tackle this vulnerability, the UK Government has launched an investigation into how it can improve upon the current Network and Information Systems Regulations (NIS) in order to ensure large companies’ cyber security measures are resilient.