This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

MI5 director says that London business has lost £800 million to a cyber attack

Share this article:
MI5 director says that London business has lost £800 million to a cyber attack
MI5 director says that London business has lost £800 million to a cyber attack

MI5 has acknowledged the threat of cyber crime to the UK.

Speaking last night at the Lord Mayor's Annual Defence and Security Lecture, the director general of the Security Service, Jonathan Evans, said that ‘malicious activity in cyber space' has become more prominent in the last few years, saying that the frontline in cyber security is ‘as much in business as it is in government'.

He said: “Britain's National Security Strategy makes it clear that cyber security ranks alongside terrorism as one of the four key security challenges facing the UK. Vulnerabilities in the internet are being exploited aggressively not just by criminals but also by states and the extent of what is going on is astonishing – with industrial-scale processes involving many thousands of people lying behind both state-sponsored cyber espionage and organised cyber crime.”

He described this as a threat to ‘the integrity, confidentiality and availability of government information' and also to business and to academic institutions, with not only government secrets at risk, but also the safety and security of the UK infrastructure ‘and the intellectual property that underpins our future prosperity and the commercially sensitive information that is the life-blood of our companies and corporations'.

Evans also admitted that one major London-listed company had incurred revenue losses of some £800 million as a result of a hostile state cyber attack, not just through intellectual property loss but also from commercial disadvantage in contractual negotiations. “They will not be the only corporate victim of these problems,” he said.

He also said that the Security Service is working with ‘many others' that are of high economic value and that are potential future targets of hostile state cyber activity.

Evans praised the work of the Centre for the Protection of National Infrastructure, GCHQ, the Department of Business Innovation and Skills, the Department for Energy and Climate Change and law enforcement, saying that the work that is being done has allowed it to investigate cyber compromises in over a dozen companies.

We are contributing to the international process of ensuring that the appropriate IT security management standards are in place to manage some of these new risks. So far, established terrorist groups have not posed a significant threat in this medium, but they are aware of the potential to use cyber vulnerabilities to attack critical infrastructure and I would expect them to gain more capability to do so in future,” he said.

He concluded his section on cyber security by encouraging the boards of all companies to consider the vulnerability of their own company to these risks as part of their normal corporate governance, and require their key advisors and suppliers to do the same.

On issues of justice and national security, Evans said that the proposed legislation to ensure that communications data continues to be available to the police and security agencies in the future, as it has in the past, was a ‘necessary and proportionate measure to ensure that crimes, including terrorist crimes, can be prevented, detected and punished'.

He said: “It would be extraordinary and self-defeating if terrorists and criminals were able to adopt new technologies in order to facilitate their activities while the law enforcement and security agencies were not permitted to keep pace with those same technological changes.”

Share this article:

SC webcasts on demand

This is how to secure data in the cloud


Exclusive video webcast & Q&A sponsored by Vormetric


As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.


View the webcast here to find out more

More in News

Password recovery made too easy

Password recovery made too easy

A senior malware analyst has slammed the availability of a `password recovery' utility from Freehostia, noting that the software actually uses network admin utilities to take credentials from the users' ...

Belgacom says alleged GCHQ APT attack cost firm £12 million

Belgacom says alleged GCHQ APT attack cost firm ...

One year on from a nation-state APT which 124 systems at telecom operator Belgacom and the firm has detailed the cost and manpower involved in the clean-up operation.

CryptoWall compromises 40,000 UK citizens

CryptoWall compromises 40,000 UK citizens

Research just published claims to show that ransomware - in the shape of CryptoWall - is still generating healthy volumes of income for the cyber-criminals behind the code.