France's Finance Ministry revealed this week it had become the latest state department to be hit by a cyber attack, forcing it to shut down its systems as hackers targeted documents related to the G20 summit in Paris.
This comes just weeks after UK Foreign Minister William Hague said the UK had come under attack from a hostile state's intelligence agency and an official report warned that cyber crime costs the UK Government about £2.2 billion ($4.8 billion) a year.
The report released by the Office of Cyber Security and Information Assurance (OCSIA) found the cost to British business was even more severe at over £20 billion a year.
Despite increasing publicity around the attacks, businesses are not doing enough to prevent such attacks, according to a report released yesterday. Ovum analyst Graham Titterington said cyber espionage was a "growing threat to business viability".
"Cyber criminals are graduating from stealing credit cards and banking credentials to targeting corporate plans and proprietary information. They want valuable information such as product and technology blueprints, customer lists, or information that can be used to embarrass or disadvantage a victim."
The OCSIA report, compiled by Detica and released last month, estimated that cyber crime costs UK businesses £9.2 billion in theft of intellectual property, including designs, trade secrets and methodology. A further £7.6 billion comes from industrial espionage, involving the theft and exploitation of non IP data and £2.2 billion from extortion. Direct online theft from financial services and construction makes up £1.3 billion and a further £1 billion comes from the loss or theft of customer data.
Some have questioned the numbers, saying that organisations do not like to broadcast if their systems have been breached. Many of the problems come from within companies themselves.
Edward Hamilton, at Analysys Mason, said: "Most security breaches happen because of employees - like leaving a laptop on a train - and a lot of cyber security is trying to minimise the threats of people being stupid. The easiest way to get information from an organisation is to bribe an employee. Then there is cyber crime run by highly skilled, intelligent people. It is a totally different level of threat.
"Cyber criminals have greater access to sophisticated technology and they are attacking a more wired business world."
Ovum calls on businesses to raise their awareness of cyber attacks, restrict sensitive information, protect data held on outside sites, vet those who have access to sensitive information and carry out a risk analysis on mobile devices and removable media.
Titterington said: "Enterprises need to wake up to the danger posed or risk losing valuable information and having to deal with the consequences."
Jay Heiser, research vice president at Gartner, said: "Big oil companies, global financial firms and pharma ... see spending on systems as another cost of doing business.
"My concern is the medium-tier companies, as it's harder for them to make a business case."
- Independent
Cyber alert after French ministry is hacked
AdvertisementAdvertise with NZME.
