Health & Safety

Health & Safety

Cyber Attacks on UK Businesses

Cyber-attacks against UK businesses take a number of forms and vary significantly in scale and complexity. The National Cyber Security Centre has recently published the Counter Terrorism Policing (CTP) Analysts’ latest threat analysis on Cyber Attacks.

You can find a high level summary below and read the full document here: https://www.protectuk.police.uk/threat-risk/threat-analysis/terrorist-cyber-threat?mtm_campaign=CyberThreatsC

Terrorist Cyber Threat Headline Assessment:

  • Cyber-attacks against UK businesses take a number of forms and vary significantly in scale and complexity. Ransomware is currently the most significant cyber threat facing the United Kingdom, with the potential to be as harmful as state-sponsored espionage.
  • In 2017 the “WannaCry” ransomware attack afflicted 200,000 computers across 150 countries. In the UK, it significantly impacted the National Health Service and affected over one in three health trusts in England, resulting in over 19,000 appointments delayed or cancelled as a result. The attack was attributed to a state actor.
  • We assess it is likely terrorist cyber activity against the UK is broadly limited to social media and website defacement, in which they have shown a relatively sophisticated degree of knowledge.
  • It is highly likely that should a UK business website be targeted for defacement, there will be short-term reputational consequences. Therefore, UK businesses are advised to take steps to ensure their information systems and social media channels remain secure from penetration by malicious actors.
  • With the Internet becoming even more integral to the success and growth of UK businesses, it is highly likely this will create more vulnerabilities for hostile cyber actors to exploit.
  • There is difficulty in attributing hostile cyber activity to specific named terrorist groups or their supporter networks. The nature of online activity and the ability to anonymise or obfuscate one’s identity means unless a specific group openly claims to have conducted an attack, terrorist cyber activity is not always identifiable.