Cyber criminals increase attacks on remote working technologies

cyber attacks

UK businesses were subjected to more than 600 cyber attacks a day during the third quarter of 2017, according to a new data.

Between July and September, the average UK firm experienced 55,314 attempts by hackers to access their data or take control of IT systems.

Although the volume of cyber attacks on businesses was lower over the summer months than in the second quarter of the year, analysis shows an increasing number of attacks on remote desktop applications, VoIP telephone systems and virtual private networks used to connect firms to remote workers and regional offices.

On average, UK businesses were subjected to 1,842 cyber attacks attempting to access remote desktop applications in the third quarter, 540 more than during the three months to the end of June. There were 586 attacks per business targeting VoIP systems and 73 attempts to access the private communication networks

Connected devices such as remote controlled security cameras and building control systems continue to be targeted at the greatest rate by hackers. Unauthorised attempts to take control of these systems accounted for nearly two thirds of all internet-borne cyber attacks in the last quarter. Company databases were also frequently targeted, accounting for just under a fifth of all attacks.

Sonia Blizzard, managing director of Beaming, comments: “The nature of corporate cyber attacks is shifting. While most still target relatively simple devices connected to the Internet of Things and information held in company databases, we are seeing evidence that hackers are turning their attention to technologies that support branch offices and remote workers.”

“The rates of cyber attack on internet telephony systems, remote desktop applications and virtual private networks have more than doubled since the start of this year. As more people choose to work remotely, these technologies are becoming increasingly important. They need to be protected properly if they are to create value and not new areas of vulnerability.

“Data must be encrypted where it is stored and while travelling across the internet. Strong protections should be put in place to secure company devices and people should be trained on how to avoid the main cyber security risks they might be exposed to.”