UK businesses face persistent cyber breaches, with phishing as a primary threat

Nearly half of UK businesses continue to experience cyber breaches, with a significant number of these attacks originating from employees falling victim to phishing scams, with further coverage provided by The Register.

The UK government's latest Cyber Security Breaches Survey reveals that 43% of businesses and 28% of charities reported a cyber incident in the past year. Phishing, primarily through impersonation emails leading to fake login pages, is the dominant attack method, accounting for approximately 85% of breaches reported by businesses. Malware, ransomware, and unauthorized access trail significantly behind. Among affected businesses, about a quarter experience breaches weekly, with some reporting daily occurrences. Charities are seeing an increase in attack frequency.

While many organizations are implementing basic security measures like updated malware protection and password rules, fewer are adopting advanced protections such as two-factor authentication. Small businesses have seen a decline in cybersecurity risk assessments. Supply chain vulnerabilities remain a concern, with only a small percentage of businesses reviewing risks from their suppliers. Furthermore, a notable portion of businesses and charities hold unprotected personal data, increasing the value of potential breaches.

Source: The Register