A new study from biz broadband ISP Beaming has claimed that businesses in the UK were “attacked online” some 281,094 times each by cyber criminals during 2018 (up 23% year-on-year) via 1.3 million unique IP addresses. Most of those attempts originated from China, Brazil and Russia.
According to the provider, the most common target for such attacks last year were Internet of Things (IoT) applications such as building control systems and networked security cameras (i.e. remote control services), which on average were subjected to 489 attacks a day during the final quarter of 2018.
Meanwhile the second most targeted batch of applications were file sharing services (277 attacks a day) and databases (120 attacks a day). After that the list includes web sites / services, remote desktop systems and VoIP.
Many of these attacks originated in China, Brazil and Russia, although the USA also plays host to quite a lot of the activity.
Sonia Blizzard, MD of Beaming, said:
“As an ISP, we can see what is happening on the internet and take steps to help customers protect themselves and those they do business with. We’ve seen a huge surge in criminal activity online in the final months of 2018. UK businesses were attacked at least once every two minutes last year, making it the worst year on record for cyber attacks.
While there is plenty that we can do at a network level to minimise the threat of online attacks, businesses need to take cyber security seriously and put in place multiple layers of protection to ensure they don’t expose their people, assets, customers and businesses partners to undue risk.”
At this point we did go looking for the methodology behind Beaming’s analysis and were unable to find any firm indication of how they arrived at such results (i.e. take with a pinch of salt). As such it’s unclear whether or not the ISP has made any effort to distinguish between general automated scans / probes / email spam etc. and more targeted attacks (DDoS etc.).
This is important because on any given day it’s almost inevitable that an internet connection will at some point find itself being port scanned or otherwise checked for vulnerabilities (often via vast automated botnets of hijacked computers), which usually lasts only a moment and may occur multiple times in a day. The actual attacks usually follow later, or sometimes immediately, if the scan(s) uncover a potential weakness.
However anybody running up-to-date software, good anti-virus/spam and a decent firewall system will usually be able to fend off all but the most sophisticated assaults against their services. This is as true for home users as it is in the office environment, although businesses naturally have to be even more cautious.