Home working warning as UK companies face hacking onslaught

The scale of the threat to UK business from organised international gangs of cyber criminals have been laid bare after an exercise  involving “honeypot” computers were blitzed with 91 million attacks in the space of four weeks.

A battery of computers specially configured to make cyber criminals think they were small businesses operating in London were attacked by hackers over 2,000 times every minute this January, with a warning that a move to home working has impacted the security of companies across the country.

The computers, called honeypots in the cyber security industry, were operated by cyber insurer Coalition as part of an exercise to assess the volume of cyber-attacks directed against the UK’s capital.

Honeypots are computers or devices with vulnerabilities designed to attract cyber-attacks so attack methods and routes can be analysed. Coalition runs a global network honeypots.

The results were shocking and the data is being supplied by Coalition to the Cyber Resilience Centre for London, a police-led, not-for-profit organisation working in partnership with the Mayor of London’s Office for Policing and Crime.

Data from the honeypots showed that over the course of 28 days in January, the devices were attacked 91 million times by over 101,000 different hackers.

Russia was the single largest source of attacks followed by Bulgaria, Monaco and Panama. However, Coalition’s experts pointed out that many cyber criminals hide their location by mounting attacks using virtual private networks (VPNs) routed through other countries.

Of the 91 million attacks recorded, 77 million were attempts to hack into remote desktop connections used by employees working out of office.

Dr Simon Bell, Coalition’s UK security researcher, said: “These results show just how much home working has widened businesses’ attack surface – the number of internet connections and vulnerabilities that hackers can exploit. 85% of attacks we saw were attempts to gain unauthorised access to these remote connections.

“We use honeypots to learn about threat actors and their methods. It’s a little like using decoy car to attract car thieves. Once the attack happens, we can see what vulnerabilities the cyber-criminal is looking for and how they try to exploit them. In this exercise, our honeypots were given IP addresses that identified as physical data centres in London.”

Simon Newman, CEO of the Cyber Resilience Centre for London, said: “The data supplied by Coalition is incredibly valuable to us as we get real-time insights into the threat landscape of the City, and the latest trends and techniques being deployed by cyber criminals.

“This allows us to tailor up-to-date guidance for our membership base of SMEs, which make up 99.8% of businesses across the capital. It also helps to illustrate the scale of the threat facing the business community, which in turn supports access to funding and partnerships that allows us to continue our important work.”

Coalition was launched in the UK last year. The firm offers what it describes as active cyber insurance, combining cyber security protection with cyber insurance. Coalition’s automated scanning and monitoring system Coalition Control scans the internet is real time identifying vulnerabilities that hackers can exploit.

A battery of computers specially configured to make cyber criminals think they were small businesses operating in London were attacked by hackers over 2,000 times every minute this January, with a warning that a move to home working has impacted the security of companies across the country.

SHARE: