UK businesses encountered more than 753,341 malicious attempts each to breach their online and IT systems last year – four per cent higher than in 2023. A new report suggests businesses encountered an online threat every 42 seconds, making 2024 the worst year for attempted cyber attacks.
Thompson: lack of user awareness
The attack rate did decline in the final quarter, the first time since 2021 that Q4 was not the most prolific time of year for such attacks. Despite the reduction this is only the third quarter on record that cyber attacks experienced by businesses exceeded 2,000 per day.
Devices connected to the Internet of Things were the most frequently targeted. Business firewalls also received more than 161 daily attacks targeting building control systems, security cameras, networked printers, remote monitoring, and industrial automation systems.
Cyber criminals also frequently targeted web applications, remote desktop software, and company databases. Typically, businesses attracted more than 20 individual attacks daily for each of these systems in 2024, according to the report by IT consultants, Northdoor.
The report also found that these hackers are using more than a million IP addresses to launch attacks on businesses in the UK, with almost a quarter being traced to areas in China.
India has also been identified as an area where a significant and increasing volume of cyberattacks have appeared, with 87,144 attacking IP addresses. This is in comparison to 81,112 attacking IP addresses in the USA in 2024.
Northdoor CEO AJ Thompson said: “loT devices can be compromised by cybercriminals in several different ways and quite often this is done remotely. In many cases there is a lack of sufficient protection even though you would expect that loT, as a modern technology, would have adequate in-built protection.
“Often, there is a lack of user awareness around the technology, with easily guessed passwords that are almost never changed. Many also fail to implement updates with unpatched vulnerabilities leaving devices open to cyber threats. Late updates also pose a significant threat. Seen as an inconvenience, they are almost always put off until a cybersecurity issue occurs.
“IoT connected devices need to be configured securely, which can be a daunting task for many. This lengthy process has multiple considerations, which can be onerous and time-consuming for in-house IT teams. With budgets being cut and manpower stretched, understanding which IoT devices exist, what they do, how they are configured and most importantly how they should be protected, can seem like an impossible task.”
Related
In full: the Northdoor report
Major cyber attack could cost $53bn
FCA reveals levels of email attacks
