Business counts the cost of cyber crime

From industrial espionage to online theft, corporations are struggling to deal with the growing menace of cyber attacks

France's finance ministry revealed this week it had become the latest state department to be hit by a cyber attack, forcing it to shut down its systems as hackers targeted documents related to the G20 summit in Paris.

This comes just weeks after UK foreign minister William Hague said the UK had come under attack from a hostile state's intelligence agency and an official report warned that cyber crime costs the UK Government about £2.2bn a year. The report released by the Office of Cyber Security and Information Assurance (OCSIA) found the cost to British business was even more severe at over £20bn a year.

Despite increasing publicity around the attacks, businesses are not doing enough to prevent such attacks, according to a report released yesterday. Ovum analyst Graham Titterington said cyber espionage was a "growing threat to business viability", adding: "Cyber criminals are graduating from stealing credit cards and banking credentials to targeting corporate plans and proprietary information. They want valuable information such as product and technology blueprints, customer lists, or information that can be used to embarrass or disadvantage a victim."

The OCSIA report, compiled by Detica and released last month, estimated that cyber crime costs UK businesses £9.2bn in theft of intellectual property, including designs, trade secrets and methodology.

A further £7.6bn comes from industrial espionage, involving the theft and exploitation of non IP data and £2.2bn from extortion. Direct online theft from financial services and construction makes up £1.3bn and a further £1bn comes from the loss or theft of customer data. The report said: "The results of this study suggest that businesses of all sectors need to look again at their defences to determine whether their information is indeed well protected." Some have questioned the numbers, saying that organisations do not like to broadcast if their systems have been breached – and when it does happen, it's often difficult to quantify the impact.

Yet, the Cabinet Office said, with over 60 companies all looking to sell cyber security products and releasing their own numbers, the report compiled for the OCSIA by Detica gave the "best estimate" of the extent of the cost of cyber crime across the UK. There is certainly no argument over the seriousness of the issue, with many of the problems coming from within companies themselves.

Edward Hamilton, head of information security and assurance at Analysys Mason, said: "Most security breaches happen because of employees – like leaving a laptop on a train – and a lot of cyber security is trying to minimise the threats of people being stupid. The easiest way to get information from an organisation is to bribe an employee.

"Then there is cyber crime run by highly skilled, intelligent people. It is a totally different level of threat."

This includes cyber espionage aimed at senior managers at an organisation who are sent "spear phishing" emails containing malicious links or attachments that affect their machines. Hackers can then identify assets and steal information.

"Most of these won't be detected. They are much more complicated to address and the threat level is significantly higher," he said. "Cyber criminals have greater access to sophisticated technology and they are attacking a more wired business world."

Ovum calls on businesses to raise their awareness of cyber attacks, restrict sensitive information, protect data held on outside sites, vet those who have access to sensitive information and carry out a risk analysis on mobile devices and removable media. Mr Titterington said: "Enterprises need to wake up to the danger posed or risk losing valuable information and having to deal with the consequences."

Jay Heiser, research vice president at Gartner, said: "The external cyber crime threat is increasing at a faster rate and the criminals are getting better at it. They have become increasingly professional." He added that it was not the biggest companies that would suffer. "Big oil companies, global financial firms and pharma all have a very mature approach to cyber crime. They see spending on systems as another cost of doing business.

"My concern is the medium-tier companies, as it's harder for them to make a business case."

The UK Government is aware of the importance of the issue and has taken a series of steps to help combat the problem. It announced a £650m investment in a new national cyber security programme as part of the Strategic Defence and Security Review in October. The OCSIA report called for a central reporting mechanism to allow businesses to report cyber crime and allow the Government to build up a more accurate picture of the level of attacks.

The state has also heeded the call to engage with the private sector over the issue. A Cabinet Office spokesman said Prime Minister David Cameron, Foreign Secretary William Hague and Security Minister Baroness Neville-Jones met recently with representatives from the telecoms, defence, finance, retail, energy, IT and pharma industries to discuss the growing importance of cyber security.

"The meeting called on industry to form a structural partnership with Government to share information about threats and vulnerabilities, as well as co-designing policies on cyber security for the benefit of the UK as a whole," he said.

Mr Heiser added: "Our infrastructure will not collapse from cyber crime. This is Spy vs Spy. A slow, steady increase in threat is being addressed in fits and starts by companies, who are slowly and steadily increasing their security."

News
peopleFrankie Boyle responds to referendum result in characteristically offensive style
Arts and Entertainment
Highs and lows of the cast's careers since 2004
News
news
New Articles
i100... with this review
PROMOTED VIDEO
News
ebooksAn unforgettable anthology of contemporary reportage
Latest stories from i100
Have you tried new the Independent Digital Edition apps?
Independent Dating
and  

By clicking 'Search' you
are agreeing to our
Terms of Use.

iJobs Job Widget
iJobs Money & Business

Senior BA - Motor and Home Insurance

£400 - £450 Per Day: Clearwater People Solutions Ltd: **URGENT CONTRACT ROLE**...

Market Risk & Control Manager

Up to £100k or £450p/d: Saxton Leigh: My client is a leading commodities tradi...

SQL Developer - Watford/NW London - £320 - £330 p/d - 6 months

£320 - £330 per day: Ashdown Group: The Ashdown Group have been engaged by a l...

Head of Audit

To £75,000 + Pension + Benefits + Bonus: Saxton Leigh: My client is looking f...

Day In a Page

Scottish referendum: The Yes vote was the love that dared speak its name, but it was not to be

Despite the result, this is the end of the status quo

Boyd Tonkin on the fall-out from the Scottish referendum
Manolo Blahnik: The high priest of heels talks flats, Englishness, and why he loves Mary Beard

Manolo Blahnik: Flats, Englishness, and Mary Beard

The shoe designer who has been dubbed 'the patron saint of the stiletto'
The Beatles biographer reveals exclusive original manuscripts of some of the best pop songs ever written

Scrambled eggs and LSD

Behind The Beatles' lyrics - thanks to Hunter Davis's original manuscript copies
'Normcore' fashion: Blending in is the new standing out in latest catwalk non-trend

'Normcore': Blending in is the new standing out

Just when fashion was in grave danger of running out of trends, it only went and invented the non-trend. Rebecca Gonsalves investigates
Dance’s new leading ladies fight back: How female vocalists are now writing their own hits

New leading ladies of dance fight back

How female vocalists are now writing their own hits
Mystery of the Ground Zero wedding photo

A shot in the dark

Mystery of the wedding photo from Ground Zero
His life, the universe and everything

His life, the universe and everything

New biography sheds light on comic genius of Douglas Adams
Save us from small screen superheroes

Save us from small screen superheroes

Shows like Agents of S.H.I.E.L.D are little more than marketing tools
Reach for the skies

Reach for the skies

From pools to football pitches, rooftop living is looking up
These are the 12 best hotel spas in the UK

12 best hotel spas in the UK

Some hotels go all out on facilities; others stand out for the sheer quality of treatments
These Iranian-controlled Shia militias used to specialise in killing American soldiers. Now they are fighting Isis, backed up by US airstrikes

Widespread fear of Isis is producing strange bedfellows

Iranian-controlled Shia militias that used to kill American soldiers are now fighting Isis, helped by US airstrikes
Topshop goes part Athena poster, part last spring Prada

Topshop goes part Athena poster, part last spring Prada

Shoppers don't come to Topshop for the unique
How to make a Lego masterpiece

How to make a Lego masterpiece

Toy breaks out of the nursery and heads for the gallery
Meet the ‘Endies’ – city dwellers who are too poor to have fun

Meet the ‘Endies’ – city dwellers who are too poor to have fun

Urbanites are cursed with an acronym pointing to Employed but No Disposable Income or Savings
Paisley’s decision to make peace with IRA enemies might remind the Arabs of Sadat

Ian Paisley’s decision to make peace with his IRA enemies

His Save Ulster from Sodomy campaign would surely have been supported by many a Sunni imam