...
UK Cybersecurity Report
2022
Every organisation, regardless of size, is exposed to a cyber attack due to the critical amount of client information they hold.
Malicious attackers continue exploiting such databases as people and organisations rely on internet-connected devices.
Businesses need to be highly vigilant about the consequences of different threats, including ransomware attacks, data breaches and phishing email attacks spreading across the UK. According to the Department for Digital, Culture, Media & Sport, four out of ten rms (39%) had experienced cyber security breaches or attacks in 2021 .
The UK Cybersecurity Report 2022 analyses the UK cyber landscape with a particular focus on the most hazardous cyber attacks that
businesses encountered since 2006.
. Key ndings of the UK cybersecurity report 2022
. Ransomware attacks in the UK
. Most affected sectors in the UK
. Size of UK companies affected
. Governmental vs. non-governmental organisations
. The most exposed type of UK data
. Distribution of cyber attacks in the UK by year
. Distribution of cyber attacks in the UK by month
. Inside vs. outside cyber attacks
. Passive vs. active cyber attacks
. Motives of different cyber attacks
. Get a free cybersecurity training
...
The alarming increase in business-related cyberattacks has no doubt been caused by poor security management within hybrid working environments, as companies still struggle to deal with the fallout of the pandemic and the extra nancial burden this places upon them.
Prevention is always better than the cure when it comes to mitigating the impact of business cyberattacks - raising awareness amongst employees and conducting regular cybersecurity training should never be underestimated as part of a successful defence strategy.
Paolo Sartori
Chief Executive Of cer
TWC IT Solutions
- CHAPTER 1 -
Key ndings of the
UK Cybersecurity
Report 2022
Key Finding #1
...
The results show that malware (49.14%), system vulnerabilities (22.41%) and phishing attacks (9.48%) are the most frequent cyber attacks from the 200 major UK cyber attacks that were analysed for this paper.
Based on the cases that were looked at, it was concluded that not all organisations were able to provide information regarding the cyber attack.
Approximately four out of ten UK businesses disclosed details on the cyber attack, including the number of accounts impacted and the type of data that was compromised. The organisation might not always be aware of the attack, or they may be concerned about the potential legal consequences when not revealing this information.
Key Finding #2
...
Ransomware attacks made up 71% of the UK malware cases that have been investigated.
This was followed by supply chain attacks (12%) and email phishing attacks (5%), the two most common types of malware attacks.
Trojan assaults, system vulnerabilities and DDoS attacks made up 10% of all malware cases.
The industries that were impacted the most by ransomware attacks were the services and the retail sector.
76.9% of ransomware attacks targeted B2C businesses.
The NHS ransomware attack
What happened
The malware attack against the NHS in August 2022 was one of the UK's worst cyber attacks. The attack on the morning of the 4th of August resulted in signi cant NHS outages and Advanced, a business that makes software for the healthcare industry , was the main target.
The malware attack impacted services like patient referrals, emergency medications, ambulance dispatch, after-hours appointment scheduling and mental health services.
What we learned
No organisation, no matter how large or small, is safe from the constant danger of cybercrime. Hackers are constantly attempting to stay one step ahead of the cybersphere, with many business owners even recruiting a team of cybersecurity experts to build effective protection measures. Regardless of your current network security, third-party providers in the supply chain can also expose a business to cyber attacks.
Cybersecurity Tip
A Disaster recovery strategy is strongly advised to be implemented to prevent the risk of losing crucial data following any cyber attack. The best and most economical course of action is to always avoid a potential data loss rather than trying to restore lost data.
Key Finding #3
...
The retail industry is the most vulnerable industry to cyber attacks. 12.63% of the examined UK cyber attacks involved the retail sector. This is not surprising given that the pandemic has dramatically increased online sales and retailer pro tability.
The nance and healthcare industries are the two other industries often exposed to cyber attacks. 11.05% of the cases that were examined involved the nance industry and 9.47% involved healthcare organisations.
With a rate higher than 5%, data shows that the service, travel, utility, education, transportation and information sectors have been the most negatively impacted sectors by cyber attacks.
The Works ransomware attack
What happened
The Works, a retailer, was the target of a particularly serious ransomware attack in the UK in 2022. Ransomware, one of the most common forms of cyber attacks, is believed to have been used by hackers to damage the British discount stationary and book business. The retailer had to close ve of its 526 stores as a result of the cyber attack. It has also interfered with the company's delivery to its stores and affected its tills.
The retailer claimed that after being noti ed of the incident, the company immediately took a number of steps. Client payment information wasn’t accessed, but it has not been determined to what degree any other data may have been impacted. Not to mention the nancial damage this ransomware attack has caused to the retailer, which is yet to be con rmed.
What we learned
From 'The Works' ransomware attack, we can conclude that no system is secure against cyber attacks. Hackers compromised The Works, even though it appears to have solid protection in place.
Cybersecurity Tip
Using reliable Cybersecurity services will help you identify issues and solve them before they get out of control.
Key Finding #4
...
Large companies were affected 58% of the time compared to small and medium-sized businesses.
Small and medium-sized businesses experienced almost the same amount of cyberattacks as larger businesses.
Given that the examined cases are the most signi cant cyber attacks in the UK over the last 15 years, the fact that 22% of the total attacks occurred against small businesses can lead to the conclusion that no business is truly safe from cybercrime.
The EasyJet data breach
What happened
The British airline EasyJet's computer systems were the target of a cyber attack in January 2020, which was made public in May 2020. A total of nine million people were impacted, and 2,208
people had their credit card information stolen. During the course of their investigation into the incident, EasyJet informed the Information Commissioner's Of ce.
Due to an increase in phishing attacks during the Covid-19
pandemic , EasyJet released the facts even though it wasn't required to warn passengers whose basic booking details were compromised.
What we learned
The rst airline targeted by cybercriminals was not EasyJet, and it certainly won't be the last. The travel industry is the fth most vulnerable to cyber attacks. What is notable how quickly EasyJet responded and informed their passengers. Any organisation, regardless of size, is vulnerable to cybercriminals.
Cybersecurity Tip
To minimise the possibility of losing essential data in the event of a cyber attack, businesses are encouraged to implement a solid disaster recovery strategy.
Key Finding #5
...
Almost three out of ten major cyber attacks targeted governmental organisations.
The majority of non-government cyber attacks (60.7%) targeted large corporations.
The retail sector was the most vulnerable to non-governmental cyber attacks.
Finance and travel were the industries affected the most, followed by retail.
Only 9.8% of cyber attacks against non-governmental organisations were carried out by individuals inside the organisation.
Passive cyber attacks accounted for 71.3% of non-government cyber attacks.
The WannaCry attack against
NHS
What happened
The NHS was impacted by one of the biggest ransomware attacks in 2017, known as WannaCry. The attack has signi cantly impacted the NHS systems.
The primary characteristic of this attack is that it only affected computers that were still running the March security update from Microsoft. The WannaCry ransomware attack, which lasted a few hours, is believed to have affected more than 300,000 computers in 150 countries. Due to the lack of examples of people receiving their data after paying the ransom and that huge revenue would promote more of these efforts, experts promptly recommended impacted users against doing so. A total of 327 payments worth
£106251.79 have been sent as of June 14, 2017, when the attack had subsided.
What we learned
Regarding the types of businesses impacted, WannaCry made no exceptions, targeting two major organisations, FedEx and the NHS.
Cybercriminals don't discriminate when it comes to their victims; they can be individuals, large or small organisations, governmental or non-governmental organisations.
Cybersecurity Tip
Always keep up with the latest developments in Cybersecurity.
Key Finding #6
...
Almost seven out of ten major cyber attacks targeted pro t-seeking organisations.
In 20% of the cases of cyber attacks against non-pro t organisations, an insider was responsible for the attack.
Passive cyber attacks made up 62.7% of all non-pro t cyber attacks.
Malware is the most common type of cyber attack (52.9%) against charitable institutions .
Concerning
cyber
attacks
targeting
voluntary
organisations, education and healthcare were among the most severely impacted sectors.
Malware (49.3%), system vulnerabilities (28%) and phishing (10.7%) were the most frequent types of cyber attacks targeting pro t-seeking organisations.
Oxford University lab studying
Covid-19 targeted by ransomware
What happened
It is believed that the attack on Oxford’s Division of Structural Biology took place in the middle of February. Although it is well known that the hackers have been demonstrating access to several systems, including devices used to process biological samples, Oxford University is of cially classifying it as an isolated incident.
However, the study on the coronavirus could be at risk of theft in the event of a lab breach. If hackers were able to manipulate the ow of liquids or other elements of the purifying system, there is also the risk of research being damaged.
The National Cyber Security Centre (NCSC) was noti ed immediately by the Oxford University lab to launch an investigation into the cybersecurity incident.
What we learned
This incident highlights how vulnerable every institution is to cyber attacks . They are not always tied to the quantity of sensitive information a business/organisation handles. However, in the case of sensitive information found in the Oxford University lab researching Covid-19, it can be concluded that it’s crucial to take preventative measures to safeguard data.
Cybersecurity Tip
Always keep up with the latest developments in Cybersecurity.
Key Finding #7
...
An outside source was responsible for 90% of the cyber attacks on B2C business.
25.9% of the cyber attacks targeting B2C organisations were active.
Cyber attacks caused signi cant disturbance on B2C
companies in the retail, nance and travel sectors.
61% of the attacks involving B2C companies targeted large corporations.
Malware cyber attacks were the most common for B2C
companies, accounting for 45.2% of all cyber attacks.
The nancial sector was primarily impacted by cyber attacks among B2B companies (35.7%), with other industries being affected at roughly the same rate.
Key Finding #8
...
Full names (10.51% ) and physical addresses (10.17%) were revealed in this study's 200 major UK cases.
Email addresses are the third most commonly exposed type of data (9.49%).
Debit card details and phone numbers ranked third among the type of data that were often disclosed during these attacks (7.46%).
Lastly, we nd passport numbers, date of birth, account credentials and identi cation credentials with a percentage of less than 5%.
Cybercriminals who steal sensitive information frequently sell them on the dark web. For instance, 500,000 stolen credentials were offered for sale on dark web criminal forums in the 2020 Zoom data breach case.
The Finastra Ransomware Attack
What happened
Finastra reported becoming the target of a ransomware attack on the 20th of March, 2020. Finastra’s services were disrupted as a result of the attack as they took down several servers in response to the incident, affecting their operations in North America . Nearly all the top 50 banks worldwide use the services Finastra, with over 10,000 employees, provides. The company con rmed there was no proof of employee or customer data theft .
What we learned
The level of data breaches has been increasing year by year in the UK, with cybercriminals bene ting from various information, some being more valuable to them than others. It's important to note the value of a company's data and the cost of that data when it's accidentally exposed.
Companies are encouraged to disclose information about data breaches to raise awareness among businesses and help them take the right steps to strengthen their defence strategy to minimise the risks of getting exposed to cyber attacks.
Cybersecurity Tip
When selecting your IT support service provider, make sure to utilise all support channels to protect your business from potential threats.
Key Finding #9
...
The year 2022 saw the biggest number of cyber attacks (41.24% of all cases examined).
After 2022, 2017 is the second year with the highest amount of cyber attacks, with nearly twice as many attacks (11.34%), an increase from 2016 (6.7%).
The cyber attacks in 2019 (3.09%) tripled in 2020 (9.79%).
There was an alarming level of cyber attacks in 2020 and 2021, accelerated by the digital transformation brought on by the Covid-19 pandemic.
Key Finding #10
...
July (10.8%) and March (10.6%) were the months with the highest number of cyber attacks in the UK.
Within a year, March, July, and May became the prime months for cyber attacks.
There were considerably fewer cyber attacks during November (6.2%) and December (6%).
Cyberattacks are frequent in May (9.2%) and June (9%).
Data also highlights that retailers are strongly encouraged to be on the lookout for cyber attacks between March and July as it is a peak period for cybercriminals to target organisations.
Historically, the rst quarter has been the most dangerous period of a scal year in terms of hacking activity.
Key Finding #11
...
Only 12% of the cyber attacks investigated in the United Kingdom originated from the inside of an organisation.
Education had the highest percentage of cyber attacks that originated from the inside (50%). In nearly 20% of these cases, the data leak was unintentional.
Large organisations were the most vulnerable to outsider cyber attacks (55.9%).
Medium (21.7%) and small (22.4%) businesses were almost equally vulnerable to outsider threats.
Nearly seven out of ten cases where the attack came from outside (69.9%) turned out to be passive. In the remaining cases, the attackers didn’t notify their targets or make the attack noticeable.
Medium-sized businesses (20%) were the least impacted by cyber attacks.
Norfolk School distributes
students' personal information
mistakenly
What happened
A whole year group of kids was accidentally sent emails by a Norfolk school that contained sensitive personal information about students, including their special educational needs. All of its Year 7 students were given access to the information, including attendance statistics and the names of students from disadvantaged households.
The year group was unintentionally added to the distribution list even though the two emails were only intended to be delivered to staff. According to the school, the links to the documents were removed within half an hour and also con rmed that the issue was dealt with quickly.
What we learned
This is a typical instance of an internal data leak. However, there was no criminal intent and the school took immediate action. It’s always important to consider who was affected and on what level in an attack similar to this to minimise its future occurrence.
Cybersecurity Tip
Train your employees on Cybersecurity today.
Key Finding #12
...
Three of the ten cases examined were active cyber attacks.
Malware was used in 78.4% of active cyber attacks against UK
organisations.
Active cyber attacks have damaged 32% of small businesses.
Active cyber attacks impacted 26% of medium-sized businesses.
60.5% of large businesses experienced a passive cyber attack.
19.3% of medium businesses were impacted by passive cyber attacks.
20.2% of small businesses encountered a passive cyber attack.
The retail (13.3%), nance (11.5%) and travel (9.7%) industries were the sectors most impacted by passive cyber attacks.
The technology, hospitality and automotive industries were among the sectors that experienced the least amount of cyber attacks.
Key Finding #13
...
Cyber attacks with a criminal motive caused the most extensive damage to the retail, nance and travel sector .
75.9% of cyber attacks with a criminal intent involved pro t-seeking organisations.
59% of criminally motivated cyber attacks targeted large organisations.
Retail (13.9%),
nance (12.8%), and travel (7.4%)
experienced the highest number of criminally motivated cyber attacks.
Cyber attacks with criminal intent also impacted transportation (6%), utilities (6.6%), and healthcare (7.2%).
Agriculture and hospitality experienced the least amount of cyber attacks with a criminal intent, accounting for 0.6%
of all sectors.
The WhatsApp data leak (2022)
What happened
It was reported that the data of 500 million Whatsapp users from 84 countries were traded on the dark web in December 2022. It was con rmed that out of these 500 million users, 11
million were from the UK, with the cost exceeding £2050.
This isn't the rst time a social media network has experienced a data leak. Facebook, Twitter and Linkedin were also among the social media giants that encountered a data breach. WhatsApp hasn't disclosed the details of the incident.
What we learned
Recent data breaches involving WhatsApp users have clari ed the need for better security. Hackers frequently target instant messaging platforms like WhatsApp, affecting even the less popular applications, which highlights that no social platform is secure. Users transfer data across communication and application networks in businesses, leaving several gaps for cyber attackers to exploit.
Messaging applications are not just used by individuals but also by businesses to communicate. The latter is sometimes translated as, for instance, the exchange of documents, which signi cantly increases the risk to an organisation.
Cybersecurity Tip
Train your employees on Cybersecurity today.
Additional key results (I) Cyber attacks incorporating corporate account takeover (CATO) made up 1.72% of the cases that were looked at.
3.45% of the cyber attacks used distributed denial-of-service (DDoS) to target businesses.
3.45% of the cases were drive-by download cyber attacks.
Man-in-the-middle (MITM) attacks made up 2.59% of the cases.
6.9% of the cyber attacks involved removable media, such as ash drives.
The sectors most impacted by malware in the UK are the retail, healthcare and services industries.
The number of cyber attacks increased in 2017 . The WannaCry ransomware attack in 2017 was one of the worst cyber attacks in history. It is estimated that more than 300,000 computers were affected during this attack across 150 countries, with total damages ranging from hundreds of millions to billions of dollars.
The travel, education, transportation and nancial sectors are the most severely impacted industries by malware in the UK .
In the UK, the three industries that experience the most signi cant number of cyber attacks due to system vulnerabilities are retail, nance and travel.
Over the past 20 years, the greatest malware attacks affected an average of 25,190,714 users in the UK.
Additional key results (II) Only 39.29% of UK businesses made the total number of impacted accounts publicly available.
In 2.37% of the UK cases examined, health records, an extremely sensitive personal data, have been compromised. Despite being a relatively small percentage, healthcare data are quite valuable. As opposed to a single piece of information that could be obtained in a nancial breach, healthcare data frequently includes all of the person's identifying information, making it lucrative on the black market. As such, the most valuable information on the black market is medical data.
6.7% of the investigated cases lasted longer than a month.
2.81% of the cases analysed for this study lasted longer than a year.
Over the last 20 years, 37.000 UK students have been affected by cyber attacks.
The most common cyber attack targeting B2B organisations was malware (50%).
In 64.3% of the cases, an outside source was responsible for the attack against B2B organisations.
The second most common type of cyber attack for B2C
organisations was system vulnerabilities (27.4%).
The web, healthcare and gaming industries are the UK’s most vulnerable industries to phishing attacks.
Additional key results (III) Cyber attacks targeting larger businesses at an alarming rate are in the travel, education and retail industries.
Cyber attacks in the United Kingdom impacted medium-sized businesses in the service, retail and healthcare sectors.
Small businesses experiencing cyber attacks in the UK are in the retail sector.
Phishing attacks (11% of all cyber attacks) were the third most common type of cyber attack against B2C organisations.
Education (6.8%) is among the top ten most affected sectors. A data breach usually happens in all cyber attacks targeting the education sector and exposes students' personal information. This includes details about special educational needs, student status and study duration in 0.34% of cases.
We have seen a signi cant increase in cyber attacks over the last 15 years. Cyber attacks increased by nearly 60% between 2006 and 2022.
During the last two decades, seven out of ten B2B businesses have been victims of a malware attack.
Retail, education and healthcare were the most affected sectors in 2022, distinguishing them from the overall trend and placing nance into the top three affected sectors over the last 20 years.
- CHAPTER 2 -
Methodology
of the UK
Cybersecurity
Report 2022
Using data provided by organisations, TWC IT Solutions investigated the 200
most signi cant cyber attacks to have ever taken place in the UK.
Additionally, TWC obtained data on more than 500 prominent global cyber attacks. Using 16 variables and criteria for each cyber attack, we continued the study beyond the data-gathering stage.
The analysis took into account the followings : Governmental or non-governmental organisation Size of the company
Type of industry
Was it a B2B or a B2C organisation?
Pro t or not-for-pro t
Year of the cyber attack
Month of the cyber attack
Country of the cyber attack
Type of cyber attack
Was it an insider or an outsider attack?
Type of motive
Was it an active or a passive attack?
Number of accounts affected
Type of information stolen
Duration of the cyber attack
Has a data breach taken place or not?
The data processing was completed in two stages.
The rst step of the research generated 13 different graphs and metrics detailing the UK cyber landscape.
The second phase focused on the collected data, allowing us to examine the speci c characteristics of each industry and the type of cyber attack that took place.
- FINAL CHAPTER -
Conclusion
Build your cybersecurity strategy with the help of an expert
The rapid growth of the Internet has resulted in a signi cant increase in cyber attacks, many of which have severe and disastrous consequences. Malware is the most commonly used attack employed to carry out malicious intent in the cyberspace by exploiting existing vulnerabilities or unique characteristics of emerging technologies. It is now more important than ever to secure businesses by clarifying the dangers of cyber attacks and the methods we have to avoid them. Every size of business, regardless of its industry, is vulnerable to cyber attacks and the only way to reduce cybersecurity risks is to raise awareness among employees.
Reach out to us at 08000 248 900.
UK HEAD OFFICE:
USA OFFICE:
HONG KONG OFFICE:
32-34 Station Close
344 Grove Street
Amtel Building
Potters Bar, London
Suite 02-4078
148 Des Voeux Road
EN6 1TL
Jersey City, NJ 07304
Central, Hong Kong
...
ONE OF LONDON`S LEADING
IT SOLUTIONS COMPANIES.
We've got IT covered.
Included among:
> The Top Cybersecurity Consulting companies in London by Clutch (2022).
> The Top Cybersecurity companies in London by Goodfirms (2022) .
> The Top Cybersecurity companies by Techreviewer (2022).
> The Top IT Services Consulting companies by DesignRush (2022) .
Since 2011, TWC IT Solutions has offered managed IT Support, Cybersecurity, Disaster Recovery, Contact Centre and Business Connectivity services to more than 300+ clients, in 400 cities, across 24
countries global y. More specifical y, 200 of them come from the UK and the South East region, with a 30-minute Greater London on-site bike response team. Additional y, TWC IT Solutions is among a smal number of IT
companies offering industry-leading 10 minute SLA’s, an excel ent NPS
score and provides a written Warranty of Seamless Transition (WST).
...
...
Apply for a cybersecurity
business training.
Secure your business today.
Reads:
115
Pages:
176
Published:
Apr 2023
"No Filter, No Problem" by Famium is your ultimate guide to creating a visually stunning, engaging Instagram presence. Packed with insider secrets and practic...
Formats: PDF, Epub, Kindle, TXT