Global firms pay­ing out bil­lions in cy­ber at­tack ran­som de­mands

● High­est loss for a sin­gle busi­ness was £40.2 mil­lion

The Scotsman - - NEWS DIGEST - @NCA_UK By HOLLY WILLIAMS news­deskts@scots­man.com

One in six firms met the de­mands of hack­ers last year by pay­ing ran­soms, ac­cord­ing to the “chill­ing” find­ings of a re­port on cy­ber crime.

The an­nual His­cox Cy­ber Readi­ness Re­port re­vealed that 6% of the 5,569 firms polled – and one in six of those at­tacked – had sur­ren­dered by pay­ing a ran­som fol­low­ing a cy­ber at­tack.

The high­est loss for a sin­gle firm tar­geted with ran­somware was £40.2m.

The re­port also showed that to­tal cy­ber losses surged 50% to nearly $1.8 bil­lion (£1.4bn) in 2019.

Cy­ber losses per firm have risen nearly six­fold, from an av­er­age of £8,041 a com­pany to £45,832.

Bri­tish firms are now 15 times more likely to suf­fer a cy­ber at­tack than a fire or theft, the re­port sug­gests.

It found the big­gest re­ported cy­ber loss among firms in the eight coun­tries sur­veyed was suf­fered by a UK fi­nan­cial ser­vices firm, at £71m.

The re­port also found the high­est loss from any one cy­ber event was £12.7m, in­volv­ing a UK pro­fes­sional ser­vices firm.

It comes af­ter a spate of cy­ber at­tacks on Bri­tish firms, with for­eign ex­change com­pany Trav­elex the vic­tim of a high­pro­file hack at the turn of the year and re­port­edly pay­ing £1.8m in Jan­uary to the Revil ran­somware gang.

The New Year’s Eve at­tack left its sys­tems down for weeks, forc­ing the group to re­sort to pen and pa­per across its branches.

But while cy­ber at­tack losses rose last year, the His­cox re­port also found that firms are im­prov­ing their de­fences against hacks, with spend­ing on cy­ber se­cu­rity ris­ing 39%.

Gareth Whar­ton, His­cox Cy­ber chief ex­ec­u­tive, said: “The num­ber of busi­nesses that have paid a ran­som fol­low­ing a mal­ware in­fec­tion is chill­ing.

“There is, how­ever, one very

His­cox pos­i­tive mes­sage from this year’s re­port – there is clear ev­i­dence of a step-change in cy­ber pre­pared­ness, with en­hanced lev­els of ac­tiv­ity and spend­ing.

“Take-up of stand­alone cy­ber in­surance re­mains patchy but this re­port is a re­minder that firms are many times more likely to have a cy­ber in­ci­dent than ei­ther a fire or a theft for which most au­to­mat­i­cally in­sure.”

The study sur­veyed com­pa­nies across the UK, US, Bel­gium, France, Ger­many,

Spain, the Nether­lands and the Repub­lic of Ire­land.

It found that the av­er­age spend­ing in the UK rose from just un­der £724,000 last year to £1.2m.

His­cox also warned there were new cy­ber threats emerg­ing from the coro­n­avirus cri­sis, with a ramp-up in so-called phish­ing scams and com­pa­nies leav­ing them­selves vul­ner­a­ble due to staff us­ing less se­cure home work­ing com­put­ers.

“The num­ber of busi­nesses that have paid a ran­som fol­low­ing a mal­ware in­fec­tion is chill­ing.”

GARETH WHAR­TON

0 Bri­tish firms are 15 times more likely to suf­fer a cy­ber at­tack than a fire or theft, a re­port sug­gests

Newspapers in English

Newspapers from UK

© PressReader. All rights reserved.