
External attacks now account for two-thirds of incidents, says DTI...
By Andy McCue
Published: 11 March 2004 11:54 GMT
External attacks by hackers, organised criminal gangs and phishing fraudsters are responsible for a dramatic increase in the number and severity of security breaches among UK businesses.
The figures are part of the biennial DTI Security Breaches Survey conducted by PricewaterhouseCoopers (PwC), which covers 1,000 UK firms.
While only one in 10 security violations in large businesses were as a result of fraud or a breach of confidentiality/identity, they usually accounted for the biggest financial losses suffered, with half of those hit saying it was their worst security incident of the year.
Confidentiality breaches take an average of 10 to 20 person-days to investigate and in some cases cost over £100,000 in legal fees, investigation costs and fines, according to the research.
Chris Potter, partner at PwC, told silicon.com that the surprising trend the survey threw up was that most of these breaches are caused by external attacks rather than employees.
"Two-thirds of confidentiality breaches were as a result of external agents such as hackers, organised crime or phishing attacks," he said. "Their frequency is relatively small compared to viruses but the impact on organisations when it does happen is severe."
Potter admitted that actual losses suffered by banks as a result of phishing are still relatively low but he said they are looking at ways of increasing security.
"Phishing attacks are getting more sophisticated and some of the banks that escaped the first wave have been hit by subsequent ones," he said. "It needs to be very simple to use and not heavily dependent on technology. Things like smart cards are very dependent on the technology at the customers' computer."
One thing banks won't be turning to is biometrics, according to Potter. "We certainly won't see anything like biometrics. Only two per cent of large businesses are using biometrics. Cost is the key for rolling out across a large customer base."
Philip Richardson, European VP at security vendor Entrust, which sponsored this part of the DTI research, admitted that businesses have been faced with a difficult task in trying to justify the cost of deploying some of the stronger authentication technologies that could combat these attacks.
"Trying to put a return on investment call in this area has proven difficult. A number of the options in strong authentication have been too expensive and too hard to deploy," he said.
Potter said that the increasing complexity of, and access to, organisations' systems mean that businesses must ensure the people connecting to their systems are who they say they are and have access only to the information they are supposed to.
"That perimeter is getting breached by all kinds of things, such as wireless networks and suspect modems. It is no longer possible just to defend the perimeter," he said.
The full results of the DTI Security Breaches survey will be released on 27 April at the InfoSecurity conference in London.
Copyright © 2008 CBS Interactive Limited. All rights reserved.