Cyber threat to UK business is ‘significant and growing’

Written by Rebecca Hill and Jenni Davidson on 15 March 2017 in News

A joint report from the National Cyber Security Centre and the National Crime Agency predicts future cyber threat trends

Cyber crime - Image credit: elhombredenegro via Flickr

The cyber threat to UK business is “significant and growing”, according to a new security report.

The first joint report by the new National Cyber Security Centre (NCSC) and the National Crime Agency (NCA), The Cyber Threat to UK Business, also warns that cyber attacks in the past year have reached a “scale and boldness not seen before”.

In the three months since its creation, the NCSC has tackled 188 high-level attacks that were serious enough to warrant its attention.


Cyber security is no longer just about financial and reputational loss

MPs blast UK Government for 'chaotic' approach to tackling cyber crime

Philip Hammond tells business to ‘sharpen its approach’ to preventing cyber attacks, as Queen opens new cyber security centre

Three key threat trends are highlighted by the two agencies: that technical expertise is not necessary to carry out attacks, that there are more opportunities as the number of connected devices increases and that criminal groups are learning from one another.

The document sets out a new wave of cyber threats, including an increase in the use of extortion as attacks become “more aggressive and confrontational”, more large-scale attacks from internet of things (IoT) botnets and a growing use of mobile malware, such as malicious or fake apps and SMS phishing attacks.

However, the report said that the most “impactful” attacks in 2017 would be “directed at building blocks on which the internet runs, rather than innovative technology”.

There will also be more targeted attacks on industrial connected devices, such as energy smart meters, networked security cameras and automation like connected indoor lighting.

“A stark example of this was seen in Finland in 2016, when denial of service conditions disabled residential automated heating systems in apartment blocks for more than a week,” the report says.

Organisations should also be prepared for attacks that tamper with data, rather than simply stealing or denying access to it, and for attribution of attacks to become more difficult as malware becomes more tailored to each victim.

In order to fight back, the report says businesses must report attacks, promote awareness within teams, encourage stronger “cyber hygiene” and boost training for staff, and integrate their cyber security measures with risk management.

It stressed that a collaborative approach is necessary to achieve the UK Government aim of making Britain “a secure and resilient digital nation”.

The report said: “A key aspect of this strategy is through robust engagement and an active partnership between government, industry and law enforcement to significantly enhance the levels of cyber security across UK networks.”



Related Articles

Securing the digital world: cyber security and GDPR
22 June 2017

A series of cyber attacks has grabbed the headlines – what is being done to protect our data and our safety?

Put coding at the heart of the curriculum or risk missing out on growth, warns Catherine Stihler
10 October 2018

Stihler, co-founder of the European Parliament’s All-Party Library Group, said “there is no reason Scotland can’t be at the forefront of the coding revolution”

Digital infrastructure must be given same priority as traditional construction projects, says Michael Matheson
10 October 2018

The Scottish Government this week announced plans to establish an infrastructure commission to advise ministers on how spending can deliver maximum benefit for the economy

Related Sponsored Articles

Associate feature: 5 ways IoT is transforming the public sector
5 February 2018

Vodafone explores some of the ways IoT is significantly improving public sector service delivery

Associate feature: Who keeps your organisation secure?
19 February 2018

BT's Amy Lemberger argues that having the right security in place to protect your organisation is no longer just an option. It is a necessity.

Share this page