Majority of UK firms hit by cyber attacks in past 12 months

Firms failing to heed warnings

Two-thirds of UK businesses suffered a cyber attack in the past 12 months, according to government figures.

The Department for Culture, Media and Sport (DCMS) said most of these attacks involved viruses, spyware or malware, and Ed Vaizey, minister for the digital economy, said firms need to do more to protect themselves against such threats.

"The UK is a world-leading digital economy and this government has made cyber security a top priority. Too many firms are losing money, data and consumer confidence with the vast number of cyber attacks," he said.

"It's absolutely crucial businesses are secure and can protect data. As a minimum, companies should take action by adopting the Cyber Essentials scheme, which will help them protect themselves."

A ‘health check' performed by the government found that only a third of 350 top-tier businesses understand the threat of a cyber attack, and only 20 per cent are aware of the implications of sharing data with third parties.

Rohyt Belani, CEO and co-founder of security behaviour management company PhishMe, said he doubted the situation would change any time soon.

"The fact that nearly seven out of 10 attacks on all firms involved viruses, spyware or malware doesn't surprise us as it's what we hear from customers and see in our own research," he said.

"The problem for many is that these infections are often spread via phishing campaigns, and nearly all will be successful as they bait users to open tainted emails that often bypass stringent technology layers to reach the user's inbox. Employees can be too busy, distracted or trusting to give much thought to the possible risks.

"While any government-backed initiative does help raise awareness of the cyber security risks and rewards, it is not going to magically protect organisations from those threats."

To hear more about security challenges, the threats they pose and how to combat them, sign up for Computing 's Enterprise Security and Risk Management conference, taking place on 24 November.