Although the volume of cyber attacks on businesses was lower over the summer months than in the second quarter of the year, Beaming’s analysis shows an increasing number of attacks on remote desktop applications, VoIP telephone systems and virtual private networks (VPNs) used to connect firms to remote workers and regional offices.
On average, UK businesses were subjected to 1,842 cyber attacks attempting to access remote desktop applications in the third quarter, 540 more than during the three months to the end of June. There were 586 attacks per business targeting VoIP systems and 73 attempts to access the private communication networks.
Connected devices such as remote controlled security cameras and building control systems continue to be targeted at the greatest rate by hackers. Unauthorised attempts to take control of these systems accounted for 63 percent of all internet-borne cyber attacks in the last quarter. Company databases were also frequently targeted, accounting for just under a fifth (16 percent) of all attacks.
Sonia Blizzard, managing director of Beaming, comments: “The nature of corporate cyber attacks is shifting. While most still target relatively simple devices connected to the Internet of Things and information held in company databases, we are seeing evidence that hackers are turning their attention to technologies that support branch offices and remote workers.”
“The rates of cyber attack on internet telephony systems, remote desktop applications and virtual private networks have more than doubled since the start of this year. As more people choose to work remotely, these technologies are becoming increasingly important. They need to be protected properly if they are to create value and not new areas of vulnerability.
“Data must be encrypted where it is stored and while travelling across the internet. Strong protections should be put in place to secure company devices and people should be trained on how to avoid the main cyber security risks they might be exposed to.”
Rob Norris, VP Head of Enterprise & Cyber Security EMEIA at Fujitsu commented, “Digital is the new frontline of national security. The reality is that with the growth of our digital infrastructure, everywhere from government services to power and water supplies, cyber-attacks now represent a critical threat. Cyber criminals are constantly growing in sophistication and using new tactics including artificial intelligence to attack key targets. As well as lone actors and organised crime groups, we now face the threat of state sponsored attacks. In the future, it’s entirely conceivable that we could see global conflicts carried out largely, if not entirely, through cyber warfare.
“That of course means that our national security infrastructure must keep up, with continuing investment in GCHQ, for example. It’s also vital that we inform employees and the public about the basic principles of cyber security, as in many cases they may be on the front line of attacks. It is not only down to GCHQ to protect our digital borders and critical national infrastructure; it is everyone’s responsibility to recognise the threat and educate employees to respond accordingly. By acknowledging the national importance of cyber security and taking preventative measures, we can ensure we are adequately prepared for the challenges to come.”