There were 1,658 attempted attacks on Ofcom’s IT systems in October and November. These attacks comprised of 382 SQL injection attacks, 188 malware and/or viruses, and 1,088 phishing emails.
The attacks on the UK regulatory body for media and communications were defined as ‘detected attempts at gaining unauthorised access to the Ofcom system’.
The figure, obtained by web and mobile application security specialists Veracode, was released under Freedom of Information legislation (FOI) examining the number and types of attack.
Chris Eng, vice president of research at Veracode, said that the findings demonstrated the determination of cyber-attackers such as nation-states and organised gangs of cybercriminals:
"The sheer volume and variety of these attempts are a perfect illustration of just how tenacious these attackers are – and how they’re constantly searching every nook and cranny of our infrastructures to breach sensitive customer data and steal our intellectual property."
"Attacks such as SQL injection, which target an organisation’s web and mobile applications, have become the number one attack vector for cyber-attackers now that organisations have effectively locked down their networks and end-points with next-generation devices."
"As a result, it’s now more important than ever that organisations continuously assess all of their applications for vulnerabilities, including both those developed internally and by third-parties."
Content from our partners
According to Ofcom, none of the attacks were successful.
