Survey finds almost half of cyber attacks on Irish businesses may be undetected

Magnet Networks Cyber Security Survey finds lack of awareness from Irish businesses around cyber breaches

Just 20% of businesses surveyed say they have suffered from cyber attacks in the past two years, with a further 16% unsure and 64% claiming that they been unaffected, according to the survey carried out by Magnet Networks.

However, a leading cyber security expert states that the true average industry figure for attacks is 43%, and that many Irish businesses are unaware that they currently have a sophisticated cyber breach.

The Magnet Networks National Cyber Security Awareness Survey was carried out among 258 companies spread across all sectors and regions, giving an up-to-date sample of the business attitudes to threats which could potentially ruin many of those who are attacked.

Businesses don’t have sufficient cyber security measures in place

34% of all businesses have no cyber security policy in place, with a further 19% acknowledging that either their security needs tightening or they are completely unsecure.

“A new generation of cyber threats has meant that Irish businesses are constantly under attack and they may not realise it,” said cyber security expert James Canty of Magnet Networks.

“The average time it takes a business to identify a cyber breach is 191 days, and in many cases a company may not know they have been affected until their data is sold on the dark web.”

New cyber security threats

The biggest global threats against business are now ransomware, fileless malware and crypto mining attacks.

“In the past year we have seen a huge increase in the use of fileless malware in attacks. This runs in memory and is a lot harder to detect and stop than malware installed on systems,” said Canty.

“The hijacking of computers for crypto-mining purposes is also quickly becoming a major problem for enterprises, involving almost 90% of recent remote code execution attacks, according to industry figures.

“Crypto-mining occurs when someone hacks into your pc and servers and use the processors of these pcs and servers to mine bitcoins and other crypto currencies.

“Unlike traditional malware, the main aim of crypto mining is to hide its existence, with its only tell-tale sign being that your PCs and servers and sometimes even your broadband becomes ridiculously slow, which many businesses tend to blame on old systems or equipment.

“The main worry looking at the state of our national cyber defences is that 80% of businesses surveyed have legacy anti-virus software installed, with the majority of these (75%) combining this with a firewall.

“Just because you have a box in the corner that IT calls a firewall doesn’t mean you are protected from ransomware, and, the likelihood of a virus scan picking up a sophisticated and constantly evolving data mining programme is remote in the least.

“The proliferation of new types of cyber threats means traditional anti-virus solutions are no longer as effective as they were in the past. They are constantly playing catch up, leaving computer networks vulnerable to attack.”

GDPR and cyber security

The survey found 49% of respondents rating themselves as unprepared or still preparing for GDPR.

Only 32% of companies have described themselves as satisfied with the arrangements that they have made for the regulations which came into force in May.

And 27% of all respondents said that either the business owner, or no-one at all, was responsible for cyber security in the business.