Tuesday, April 22, 2008

Hackers hit one in 10 big companies: study

LONDON (AFP) - More than one in 10 big British businesses has detected computer hackers on their IT networks, a government report said Tuesday, warning of a rampant rise in such activity.

Thirteen percent of large businesses have detected unauthorised outsiders, said the study drawn up by the Department for Business, Enterprise and Regulatory Reform, published at the Infosecurity Europe show in London.

That represents a 10-fold increase in the last two years, warned the report.

"Very large companies remain the main target for hackers and 20 percent detect hundreds of significant attempts to break into their network every day," it said.

"Eighty-five percent of very large businesses were attacked. Telecoms providers are most likely to be attacked, three times as likely as average."

According to the hacking community, only a tiny proportion of penetrations are detected by network owners, the report added.

"Large corporations are being actively targeted by hackers, often working in cahoots with organised crime, and looking to steal confidential customer data which can be used for identity fraud," Chris Potter, the PricewaterhouseCoopers (PwC) partner who led the research, told the Financial Times.

The report also found that 96 percent of companies with more than 500 employees were affected by security breaches.

In the worst case, the cost of security breaches for a small business was around 15,000 pounds, while that figure rose to 1.5 million pounds for very large companies.

Two thirds of companies were doing nothing to prevent confidential data leaving on USB memory sticks, while four-fifths of companies that have had computers stolen have not encrypted their hard drives.

Companies were urged to start taking preventative rather than retrospective action.

Business Minister Shriti Vadera said: "New technology is a key source of productivity gains, but without adequate investment in security defences these gains can be undermined by IT security breaches."

"The survey shows increasing understanding by business of the opportunities and threats, but challenges remain."

Data security has become a hot topic in recent months after a government department lost two disks containing the personal details of roughly half the population. The disks went missing in the post and have not yet been found.

The survey urged businesses to learn more about the security threats they faced, target security investment at the most beneficial areas, integrate security into normal business behaviour, deploy integrated technical controls and respond quickly to breaches.

by Robin Millard


No comments: