Cyberattacks on UK businesses
Attacking IP addresses by origin
Malicious online activity surged between October and December 2022 to push the number of cyberattacks experienced by UK businesses in the year past 2020 levels
A surge in cyberattacks in the final three months of last year made 2022 the worst year on record for malicious online activity against UK businesses, according to Beaming, the business internet service provider (ISP). On average, UK companies experienced 687,489 online attempts to breach their systems in 2022, the equivalent of one every 46 seconds. Prior to last year, the worst year on record was 2020, when businesses experienced 686,961 cyberattack attempts each.
October to December 2022 was also the busiest quarter for cyberattacks on UK businesses since Beaming began tracking malicious web activity in 2016. Companies experienced 177,228 cyberattacks each, on average, in the period. This was 11,295 (seven percent) more attacks than in the corresponding quarter of 2021 and 275 more than between April and June 2020, the previous busiest quarter on record.
Beaming identified almost 1.2 million IP addresses being used to launch cyberattacks on UK businesses in 2022 and traced more than a fifth (268,484) of them to locations in China. Beaming also identified large numbers of attacking IP addresses that appeared to be located in the USA (90,663), India (46,783), Brazil (46,783), Russia (35,842) and Taiwan (30,581).
One in seven cyberattacks received by UK companies in 2022 sought to gain control of devices connected to the Internet of Things. Businesses also experienced more than 5,000 attempts each to breach their databases, file-sharing services, web applications and remote desktop systems in 2022.
Sonia Blizzard, managing director of Beaming, said: “UK businesses have experienced a constant bombardment of cyberattacks over recent years, but the volume of activity had appeared to be falling from the extraordinarily high levels that accompanied the first Covid lockdown. The surge in malicious online activity we witnessed in 2022 is a timely reminder that no one can afford to be complacent.”
“Many businesses have taken steps to improve the resilience of their online systems and IT infrastructure, and there is plenty that internet service providers like Beaming can do to help protect customers at both a network and firewall level. Most cyberattacks use automated scripts that scour the internet for the weakest links. Businesses that haven’t improved their online resilience in the last year or so are sitting ducks for hackers.”
What can businesses do to protect against cyberattacks?
There are several steps that almost every business can take to protect themselves against cyberattacks:
- Use strong passwords and enable two-factor authentication on all accounts and devices.
- Keep all software and devices up to date with the latest security patches and updates.
- Use a business-grade firewall to protect your network and restrict access to authorised users.
- Use antivirus and anti-malware software to detect and remove any malicious software.
- Educate employees about cybersecurity and the importance of following safe practices when using the internet and company devices.
- Back up important data regularly to protect against data loss in the event of an attack.
- Use a Virtual Private Network when connecting to the internet over public Wi-Fi.
- Consider purchasing cybersecurity insurance to help cover the costs of responding to and recovering from a cyberattack.
- Work with your ISP or a trusted IT provider to help implement these and other security measures.