Almost half of UK firms hit by cyber attack in past year

Published on: 19 Apr 2017

Close to half of British organisations have been hit by a cyber breach or attack in the past year, new research published by the UK government has found.

The Cyber Security Breaches Survey 2017 suggests that businesses that hold electronic personal data are more likely to be attacked, compared to those who don’t (51 per cent to 37 per cent).

Fraudulent emails were the most common route taken by cyber attackers, with most cases coaxing staff into revealing passwords or financial information, or opening dangerous attachments.

Of the businesses which identified a breach or attack, almost a quarter had a temporary loss of files, a fifth had software or systems corrupted, one in ten lost access to third party systems they rely on and a tenth had their website taken down or slowed.

Three-quarters of the sample, which was made up of 1,523 UK businesses including 171 large businesses, said cyber security was a high priority, with nine in ten respondents regularly updating their software and malware protection, while two-thirds invest money in cyber security measures.

The survey also revealed areas where businesses can improve their online defences.

Only seven in ten firms have acceptably strong passwords in place, while only a third operated formal policies on managing cyber security risk.

Just a fifth provided cyber security training, while a tenth had planned for an attack with a cyber security incident management plan.

Ciaran Martin, CEO of the National Cyber Security Centre, said: “UK businesses must treat cyber security as a top priority if they want to take advantage of the opportunities offered by the UK’s vibrant digital economy.

“The majority of successful cyber attacks are not that sophisticated but can cause serious commercial damage. By getting the basic defences right, businesses of every size can protect their reputation, finances and operating capabilities.”