Cyber Czar warns of hacking threat to UK business
The head of Britain’s top cyber defence unit has warned UK businesses that they must get up to speed on the threat from cyber criminals writes Matt Warren.
Ciaran Martin, director of the National Cyber Security Centre has said while the cyber threat to UK infrastructure may come from ‘Russia’s elite hackers’, UK businesses and their ‘customer data sets may be targeted by another country or criminals.’
Martin called for the risks to be managed effectively through deeper understanding and advised executives not to be afraid to ask questions, as ‘nodding to avoid feeling foolish can sometimes be the most foolish thing to do’.
Martin has previously touched on the need to ‘demystify’ cybersecurity in boardrooms at The Times CEO Summit in June.
Martin’s comments come in the wake of a huge data breach at British Airways, in which 380,000 card payments were compromised, underlining the scale of challenge. The BA breach is thought to have occurred through the targeting of a gateway between the airline and a third-party payment processor in an attack that lasted over two weeks.
In his speech, Martin emphasised the possible cost of a massive cyber-attack globally, referencing a study by the Centre for Strategic and International Studies which estimated the global cost of the 2017 WannaCry attack at approximately ‘$4 billion in lost productivity’ alone.
The US credit agency Equifax, another global company that fell victim to a 2017 cyber-attack was hit with a £500,000 fine recently by the UK data watchdog, the Information Commissioner’s Office (ICO). The Equifax breach saw the data of 146 million people worldwide, including the details of 700,000 people in Britain, which led to the ICO fine.
Equifax’s protection of UK citizen’s data was adjudged not to have been ‘adequately effective’ and had the attack taken place post GDPR, which was introduced in May 2018, the fine faced by the company could have been a staggering £100m, as under the new rules a firm may be fined up to 4% of its global turnover for an offence.
It is not only the biggest corporations that are suffering. The Arran Brewery, a small Scottish drinks maker, also suffered a debilitating ransomware attack in September after job applications containing malware were sent to the company.
A point underlined by a recent report by the security firm Carbon Black based on a survey carried out by an independent research organisation, estimated that 92% of UK businesses had been breached in the last year.