UK Firms Hit by 43,000 Cyber-Attacks Each in Q1

UK firms were forced to fend off 43,000 cyber-attacks each in the first quarter of 2017, with IoT devices in particular targeted.

According to new stats from ISP Beaming, who analyzed data on thousands of UK firms and found on average each were hit by 474 attacks per day.

Although this figure was 7% lower than the same time last year (512) and only around half the volume of attacks in the previous quarter (1052), there was a definite increase in IoT-focused threats.

Some 92% of attacks spotted in Q1 2017 targeted IoT devices ranging from internet-connected CCTV cameras to building control systems.

In total, that’s 39,000 cyber-attacks per UK business targeting IoT systems; an 84% increase over the same period in 2016.

“The vast majority of attacks are computer scripts seeking to take control of devices connected to the Internet of Things. Businesses are allowing suppliers inside their firewalls to provide access to devices such as networked printers, air conditioning units and building control systems, but the holes they are making – if not done properly – can create vulnerabilities that criminals can use too", explained Beaming managing director, Sonia Blizzard.

“Once inside the network, hackers can take control of company assets and use them as part of a bigger hack or distributed denial of service attack at a later stage.”

The latter threat has become particularly high profile over the past few months with the emergence of the Mirai malware, designed to seek out poorly configured IoT devices and conscript them into a botnet.

More recently still, researchers discovered a new variant using the same exploit vector but designed to cause permanent denial of service (PDoS).

Over a four-day period, a Radware honeypot recorded 1895 PDoS attempts worldwide via two separate bots it named Bricker Bot.

“Any business that is connected to the internet needs to take responsibility for cybersecurity at board level, review their firewall policies and ensure they are doing everything they can to ensure they don’t expose their people, assets, customers and business partners to greater risk,” argued Blizzard.

“A modest investment in next generation firewalls, unified threat management devices and intrusion detection makes a lot of sense for most businesses today.”

What’s Hot on Infosecurity Magazine?