It has been declared by the BCC (British Chambers of Commerce) that one in every five British businesses has been a target of an online attack by multiple hacker groups. What’s more worrying, over 76% of the businesses have admitted that they have little or no security that would be able to resist, or even slow down a hacking attack. This is especially surprising considering the recent publicity when it comes to such kind of threats, and also the rising dangers of such attacks.
Larger companies, which are those with 100 employees or more, have suffered more attacks and around 42% of these companies were targeted, while the hackers only attacked about 18% of the smaller firms.
A series of high-profile attacks followed a survey of 1,200 businesses, and the targets were the company databases. Companies affected include telecoms firm called TalkTalk, search engine Yahoo, and even a dating site Ashley Madison.
Hackers have accessed Yahoo’s email addresses, dates of birth of its users, their telephone numbers, passwords, and even security questions and answers from an amazing number of 1 billion user accounts from August 2013, and that makes this the largest security breach in the history of the internet. The scary part is that the breach was only discovered last year.
BCC’s director-general Adam Marshall has stated that these attacks risk companies’ finances, but also more, including the reputation and the confidence, and that the victims of such attacks report both monetary losses and the disruption of their businesses. Every company has a chance of becoming a target of such attacks, but statistics shows that larger and more successful companies make more interesting targets.
A further survey showed that a majority of attacked businesses (63%) have called upon the IT providers and asked for help with resolving the issues that have appeared after an attack was made, while the 12% of attacked banks and 2% of attacked police and other law enforcement agencies have decided to try and deal with the problems by themselves.
Marshall has also said that “Firms need to be mindful of the extension to data protection regulation coming into force next year, which will increase their responsibilities and requirements to protect personal data. Firms that don’t adopt the appropriate protections leave themselves open to tough penalties.”
One of the firms with a greatly flawed security was the TalkTalk telecoms company, and they ended up being hacked in October 2015, and then also fined because of the bad security last year. The fine was a major one, a record even, and it held the amount of £400,000.
During the attack, hackers gained access to over 150,000 customers, which included sensitive data for more than 15,000 people, and all of it could have been prevented if TalkTalk made steps to increase the security of their customers’ info. Unfortunately, some people, and apparently companies, still don’t realize the importance of information in today’s world. They’re not hiding gold, but info can be just as valuable.
Marshall also added that the companies should contact IT support providers for help after cyber attacks and that more help and guidance from the police and the government would be of great help when it comes to recovering from such attacks, and it would even help companies learn how to act during the attacks as well, which would also prevent greater damages.