Sign up for our newsletter
Technology / Cybersecurity

SMEs hit with 7 million cyber crime attacks per year in £5.26 billion blow to UK economy

Small businesses are the hardest hit by cyber crime, with smaller firms in the UK hit collectively seven million times per year.

According to a report by the Federation of Small Businesses (FSB), these attacks cost around £5.26 billion to the UK economy.

While 93 percent of small firms are trying to protect their businesses, 66 percent had been the victim of cyber crime in the last two years.

The main culprit was phishing attacks, which were reported by 49 percent of respondents. Spear phishing, a more targeted version of phishing, was reported by 37 percent.

White papers from our partners

Phishing emails attempt to trick users into clicking a malicious link or providing personal information. Meanwhile, Norton defines spear phishing as "an email that appears to be from an individual or business that you know. But it isn’t."

Both types of Phishing had the highest incidence in the arts, entertainment and recreation sector, followed by Professional, scientific and technical activities.

Malware attacks were reported by 29 percent of the respondents.

Denial of service attacks had been experience by 5 percent of respondents, while ransomware, becoming an increasing concern for businesses, hit 4 percent of respondents.

The vulnerability of these companies to these kinds of online attacks were driven by the fact that 99 percent of small firms rated the internet as highly important to their business.

According to the report, there were some key areas where these firms could improve security. Only 24 percent had a strict password policy, four per cent had a written plan of what to do if attacked online, and two per cent had a recognised security standard such as ISO27001 or the Government’s Cyber Essentials scheme.

The FSB called on the Government to do more to protect the cyber security of this vulnerable sector.

"Small firms take their cyber security responsibility very seriously but often they are the least able to bear the cost of doing so. Smaller businesses have limited resources, time and expertise to deal with ever-evolving and increasing digital attacks.

"We’re calling on Government, larger businesses, individuals and providers to take part in a joint effort to tackle cyber crime and improve business resilience."

Geoff White, underwriter at Lloyd’s, said: "Many UK businesses are not aware of how exposed they are, believing they are too small or have nothing worth stealing to be a victim of a cyber-attack. However, technology is so fundamental to how businesses run that cyber is a risk regardless of size or industry.

"We know it’s now a matter of "when, not if" a company suffers a cyber-attack or breach, but they shouldn’t be company-ending events. Businesses should look into a wide protection, including cyber insurance, to protect their balance sheet and help get them back on their feet."

The survey, called ‘Cyber Resilience: How to protect small firms in the digital economy’ had 1006 completed responses from FSB members.
This article is from the CBROnline archive: some formatting and images may not be present.