Cyber-security professionals and organisations are auditing 2019 statistics, and the results are far from optimistic. Cyber-attacks on British businesses more than doubled last year, with each organisation facing an average of 576,575 large and small, reported specialist business ISP Beaming.
Risk Based Security earlier reported that 7.9 billion records have been exposed globally due to data breaches in the first nine months of 2019, up 112 percent from the corresponding period in 2018. Of them, 3.1 billion data records were exposed from just six breaches, the report said.
"The number of internet-borne attacks in 2019 was 152 percent higher than the 281,094 recorded in 2018 and was the largest volume of cyber-crime attempts recorded in a single year since Beaming started analysing attacks in 2016. On average, cyber-criminals from around the world subjected UK businesses to 66 different attacks every hour during 2019," said the Beaming report.
Cyber-criminals used 1.8 million unique IP addresses to launch attacks on UK businesses during 2019, said the report. A fifth (18 percent) of them were traced to locations in China, followed by Brazil (seven percent), Taiwan (six percent), and Russia (five percent).
Network device administration tools and IoT applications such as building control systems and networked security cameras were the most common targets with 92,448 online attacks, 35,807 attacks sought to compromise file sharing applications, noted the Beaming report.
When the numbers even out, each UK company with an internet connection was attacked online more than once a minute in 2019, commented Beaming managing director Sonia Blizzard. However, most small and medium businesses are yet to understand the gravity of the threat, she noted.
"Most business leaders, particularly at the smaller end of the spectrum, still don’t recognise the threat or incorrectly assume that their broadband router and antivirus systems will be sufficient to keep them safe," she said.
The recent industry-wide drive to improve data protection standards and cyber-security investment has not stopped breaches due to two main reasons: lack of success despite an increase in investment, and the will to hack overpowering the need to protect, observed Ray Walsh, data privacy expert at ProPrivacy.
"Despite the recent drive in investment and growing awareness of the risks, there is still a lot of room for improvement because the vast majority of successful penetrations occurred due to misconfigured databases, backups, endpoints and services. This proves that getting things right stands to massively improve data security and shows that firms are still leaving the doors open to attacks," he said.
"With the number of companies falling victim to cyber-crime increasing each year, it is clear that most need to do more to protect themselves. We advise businesses to put in place multiple layers of protection, use methods such as two-factor authentication, and to secure their data while it travels over the internet," said Beaming’s Blizzard.