contact@prisminfosec.com +44 (0) 1242 652 100 +44 (0) 1242 652 100

LATEST CYBER SECURITY NEWS AND VIEWS

Home > News > ICO data reveals sharp rise in attacks

Latest news

ICO data reveals sharp rise in attacks

Posted on by Prism Infosec

Cyber Trends

Recent data from the Information Commissioner’s Office (ICO) Data Security Trends Analysis Q1 2021-22 (capturing incidents for the period 1 April – 30 June 2021) reveal there’s been a sharp rise in specific cyber attacks as attackers seek to capitalise on the disruption caused by the pandemic and working from home (WFH).

The biggest leap was in misconfigurations of software and hardware, up a staggering 543% from 7 incidents last year to 45. This reflects the rapid expansion within the cloud as businesses sought to roll-out remote working to enable WFH. Misconfigurations routinely top the list of cloud security issues due to a failure to configure cloud solutions. Left in their default settings, these systems become much easier to compromise when exploits then surface. 

There was also a marked increase in attacks against the user. Malware was up a third and phishing attacks were up 54% compared to the same time last year while ransomware more than doubled due to the growth of Ransomware-as-a-Service (RaaS). RaaS enables cyber criminals to use malware for extortion without the need to code it themselves and was responsible for two thirds of all campaigns during 2020. 

This year also saw the ICO also include cryptographic flaws and denial of service attacks which were omitted last year, indicating a growth in highly targeted organised attacks. The only attack type to buck the trend was unauthorised access which fell 28% from 87 to 63, but this could equally be due to the difficulty of detecting such an attack outside the corporate network.

The results show that many users have fallen victim to attack while WFH, let down by insufficient support and a failure to implement secure remote access. Staff training should have helped prevent phishing attacks, for instance, with virtual training sessions offered to help with reinforcement. The increase in malware also suggests inadequate protection of endpoints, no doubt caused by many relying on connecting from home on personal devices. 

Attack Trends 2020 – 2021

The ICO also helpfully breaks down these figures into specific sectors, and virtually all of them have seen an increase in incidents. The retail and manufacturing industries continue to suffer the highest volume of attacks but saw a relatively modest increase of 48% compared to some of the others. 

Perhaps not surprisingly given the disruption to normal working practices, it was the General Business sector that saw the greatest rise at 282%, closely followed by the Utilities sector at 250% and the Health sector at 238%. The Legal sector and Transport and Leisure both saw a tail-off in demand for their services during the pandemic but an uptick following the easing of lockdown, resulting in attacks increasing by 117% and 106%, respectively.

A sector that was relatively unscathed by the pandemic and able to maintain BAU was Online Technology and Telecoms. It saw an increase of only 14%, revealing that it was better able to defend its operations. Similarly, the Finance sector saw only a 2% increase and Local Government 6% while those operating in Social Care actually saw an 11% decrease in attacks.

Attacks by Sector 2020 – 2021

The results of the Data Security Trends Analysis 2021-22 suggest that many organisations struggled to put in place adequate security measures and adapt quickly enough to meet the demands for WFH. This then made it difficult to enforce security policies, leaving staff exposed. 

The question that now remains is how effectively these sectors can play catch-up. Given that we will have a hybrid workforce for the foreseeable future, its vital that organisations now identify where their security gaps lie. Most sectors have some work to do to better protect their infrastructure, data and staff.  

Our recommendations are to:

  • Focus on your users by improving identity and access management. Provide remote staff training so that they know how to connect securely. Use refresher training to remind staff of best practice for password management and how to avoid phishing and malware attacks.
  • Examine how you monitor remote devices and BYOD. Many security solutions are not designed to monitor endpoint devices and third-party connections so you may need to re-evaluate how you carry out remote network monitoring.
  • Address cloud security as a priority, particularly the configuration of cloud solutions, and ensure that you these down to the minimum requirements.
  • Put in place procedures to thwart brute force attempts such as 2FA, limit log-ins and failed log-in attempts and prevent root user access.
  • Adjust your Incident Response to ensure everyone knows what to do in the event of an attack. Check your Disaster Recovery plans to ensure you have back-ups and can perform effective remediation.

If you’d like some advice on how to make your business more resilient and your staff more secure, or if you’d like to assess how effective your current security measures are, we’re here to help. Email us at contact@prisminfosec.com or call 01242 652 100.

FILTER RESULTS

Latest tweets

Prism Infosec @prisminfosec ·
30 May

Data #leakage is just one of numerous risks associated with #GenAI necessitating the use of an #AI #risk framework, as Phil Robinson explains via  @governance_and. #cybersecurity

Retweet on Twitter Prism Infosec Retweeted
TechFinitive.com @tfinitive ·
16 May

We interview Phil Robinson, Principal Security Consultant and Founder at @prisminfosec, who shares his views on ethical hackers and the latest ransomware trends.

Sign up to our newsletter

  • Fields marked with an * are mandatory

  • This field is for validation purposes and should be left unchanged.