TalkTalk hacking fall-out worsens
Security experts on front line of data defence
SHARES in TalkTalk plummeted more than 12pc yesterday – taking losses to £413 min just two days of trading following its cyber-attack, writes Emily Davies.
The stock was priced at 268.5p when the markets closed on Thursday night before the hacking of its systems was made public. Last night they closed down another 31.5p at 225.3p.
TalkTalk has been criticised for its handling of the incident with speculation over whether its chief executive Dido Harding should stand down.
The ‘serious and sustained’ attack occurred on Wednesday compromising the details of its 4m customers, but the company did not inform its customers of the breach until after the markets closed on Thursday night.
On Friday TalkTalk announced it had received a ransom demand from hackers, before claiming on Saturday that the data breach was not as severe as first feared.
Last night it emerged police arrested a 15-year-old boy in connection to the hack.
TalkTalk said bank accounts and sort codes had been stolen, which on their own would be insufficient to steal from customers.
Investors now fear TalkTalk could soon face a huge compensation bill amounting to millions of pounds, with the company refusing to clarify what its policy on compensation would be.
Jasper Lawler, a market analyst at CMC Markets, said: ‘Shareholders won’t tolerate many more down-days before calls for chief executive Baroness Harding’s resignation will get too loud to ignore.’
THE premiere of the new James Bond film Spectre offered a glamorous vision of espionage but the naked truth is that 007 is increasingly irrelevant to the security of modern Britain.
As TalkTalk customers discovered last week when a massive tranche of their personal data was stolen, cybersecurity is the front line for companies and governments fending off attacks from villains and fraudsters.
Today’s real-life Bonds are internet experts who spend their days staring at a screen and wouldn’t dream of having a martini – shaken, stirred or otherwise – until after they’ve logged off. Ironically, TalkTalk disclosed its massive data breach on the same day last week that the UKTI and Department for Business launched the Cyber Development Centre, designed to promote a new generation of mouse-wielding cyberspooks.
The Centre’s role is to provide a showcase for 900 British cybersecu- rity firms to demonstrate their ability to shield international businesses from online crime.
The Government is keen to show it is taking this fast-growing risk seriously, after announcing plans to invest £860m into a National Cyber Security Programme and setting up a specialist unit inside the National Crime Agency.
The Department of Culture, Media and Sport select committee of MPs yesterday announced an inquiry into data protection and encryption in the light of the TalkTalk revelations.
But the debacle has shown that government and corporate efforts to plug leaks of digital information often lag far behind the ability of hackers to subvert security systems. That deficit creates a huge opportunity for cybersecurity businesses to win contracts as firms scramble to ensure that they are not the next household name to be forced into a humiliating apology.
One firm that has already taken advantage is Sophos, the Oxfordshire-based firm that was valued at £1bn earlier this year in one of the largest technology floats seen in the UK.
The company made a name for itself offering advice and products to small and medium-sized firms who do not have the budget to invest in the latest online security systems but could be ruined by one major breach.
Britain’s mammoth defence champion BAE Systems – better known for building Typhoon fighter jets – is already finding that cybersecurity is among its fastest- growing business sectors.
It is to BAE’s ‘ cyberspecialists’ that TalkTalk boss Dido Harding ( pictured) – cast in this drama as a perennially red-faced ‘M’ – has turned in her hour of need.
Applied Intelligence, BAE’s UK-based cybersecurity and anti-fraud division, saw its order book grow by 37pc last year, while sales are slated to increase 30pc on last year. The £1bn revenue from the wider Cyber & Intelligence division is nearly a third of what BAE’s US Platforms & Services division racked up in the more traditional business of selling missile launchers, armoured combat vehicles and naval guns.
And if graduate intake is anything to go by, BAE expects cybersecurity to grow still further as a proportion of its overall business; more than a third of its UK graduate intake in 2014 was recruited to work in Applied Intelligence.
But technology firm Raytheon will today release a survey showing that the UK is facing a skills shortage in IT just when it needs to increase its ranks of cyberpolice. Head of research Paul Crichard said: ‘We still aren’t doing enough to attract people into the field. It’s vital we engage more actively with schools and students, and do so at an earlier age, or risk facing a critical skills gap.’ Ironic, as it has emerged a 15year- old boy has been arrested in connection with the hacking attack. And industry experts say the attack on TalkTalk provided fresh evidence that for all the noise around the growth of the British cybersecurity industry, we can expect more mammoth slip-ups.
Paul Moore is a freelance security consultant who claims to have warned TalkTalk about their lax security protocols nearly a year ago.
He believes TalkTalk is likely to be one of a long list of victim companies.
‘We’re all vulnerable to these kind of attacks,’ he said. ‘What’s important is how they are handled and prevented. They [TalkTalk] certainly won’t be the last.’
That’s something that trade minister Francis Maude acknowledged when he said: ‘There are two kinds of companies – there are businesses that know they’ve had a cyberattack and businesses that don’t yet know that they’ve had one.’
What’s certain is that UK businesses will have to allocate much more of their spending to cybersecurity in future or risk a devastating effect on their businesses.
Since TalkTalk’s data breach its stock market value has plummeted by £413m – losing more than 12pc yesterday alone – as investors assess the possibility of a client exodus, costly investigation and security upgrades.
The lesson for British firms is clear: prevention is far better – and cheaper – than a cure.