GFI Software has released the findings of an independent study examining the business and social impacts of cyber security issues. The results reveal stark public concerns over the increasing personal and business risks posed by cyber crime, and the growing likelihood that acts of cyber criminality will escalate towards physical retaliation.
With multiple recent high profile attacks targeting household names and large employers – including the major attack against multiple parts of Sony, the leaking of user data stolen from video streaming service Netflix and health insurer Anthem being hit for valuable healthcare customer and employee data – the survey shows that individuals increasingly fear cyber crime and its resulting consequences in the workplace as well as at home.
The survey reveals that 47% of respondents have been the victims of at least one cyber crime act in the last year alone. Credit card fraud is the most prevalent form of cyber crime, with 20% of respondents having been hit in the last year, followed by 16.5% having at least one social media account either breached or defaced.
The independent study was conducted for GFI Software by Opinion Matters and surveyed 1,008 UK adults working for companies with up to 5,000 staff and who use a computer or mobile computing devices.
Key findings from the survey are as follows:
*41% of respondents believe banks will be the main target for cyber criminals in the coming year
*One quarter (23%) are concerned that large business institutions will be targeted for crime and cyber espionage, but only 9.5% believe retailers will be a major target despite the potential for high levels of credit card data theft
*With growing volumes of healthcare data now being digitised, 9% of respondents are concerned that cyber criminals will turn their attentions towards the NHS and private health insurers in the coming year
*The perceived growing threat from cyber attacks is apparently hurting the adoption of Internet of Things technology, with nearly two-thirds (64%) of respondents either viewing Internet-connected home devices as too risky to own or otherwise harbouring reservations about making further purchases
*55% of respondents to the GFI survey believe that malware still poses the biggest threat to both individual and business information security
Business impact of cyber crime
The research reveals that almost all cyber crimes have a noticeable and detrimental impact on businesses, with 88% of those surveyed believing that a cyber attack against their employer would have measurable financial and productivity implications.
A further 3.5% believe that a single cyber attack against their employer could easily put the organisation out of business on a permanent basis.
“Cyber attacks have profound consequences for the business community, whether organisations are the target or the victim of an attack elsewhere,” said Sergio Galindo, general manager of GFI Software.
“In the last few months alone we’ve seen major corporations targeted in systematic acts of espionage and geopolitical retaliation, as well as hundreds of thousands – potentially millions – of individuals affected by the fall-out of data being stolen and misused. Usernames, passwords, credit card data, health records – the malicious use of this data by criminals can quickly create financial hardship and significant stress for the affected individuals, while the negative fall-out for those organisations from whom the data was stolen can range from loss of reputation through to fines, falling sales or even civil and criminal legal proceedings in the courts.”
Impact of cyber crime on public services
Until recently, the thought of hackers gaining access to everyday public and utility services in order to cause havoc and disrupt society was the stuff of movies like Die Hard 4.0. However, with everything from traffic lights and CCTV camera data to power station information and smart meter data now being computerised, automated and networked to improve efficiencies, centralise management and reduce costs, these services are now at greater risk.
In point of fact, this was highlighted in November last year when the NSA reported that the US power grid was successfully hacked.
As a result, two thirds of those surveyed by GFI now believe the hijacking of major services (ie the utility services, traffic management and transport, etc) by cyber criminals is a genuine threat to both the UK’s national and infrastructure security.
In addition, 43% believe that increased cyber crime is making life harder by making it more challenging to access everyday services, with 30% of respondents to the survey believing the heightened cyber crime environment is a hindrance to productivity.
The public’s reliance on digital devices makes us more of a target, with 21% of respondents believing that our everyday use of technology has left individuals and businesses alike more exposed to virtual crime than ever before.
Most worrying, perhaps, is the discovery that one third of those individuals surveyed believe acts of cyber crime and cyber terrorism are likely to spill over into physical acts of crime and terrorism.
“Cyber crime is not a victimless activity,” added Galindo. “Virtual acts of criminality affect real people, place jobs at risk and can have lasting consequences for everyone impacted by them.”
Taking steps to improve online security
The GFI survey also reveals that growing cyber security concerns have prompted people to take more aggressive steps towards protecting themselves and their online footprint, both at work and at work:
*57% of respondents claim to now change their passwords for web sites and online services on a regular basis
*52% have taken steps to strengthen their anti-virus protection measures
*49% have activated PIN or password protection on tablets and smart phones
*46% of respondents now avoid duplicating passwords across multiple sites and services
*28% have (where supported) activated two-factor authentication for logging in
However, 6% have done nothing to improve their online security regime.
Galindo commented: “It’s particularly encouraging to see that over a quarter of those surveyed have embraced two-factor authentication. While some banks and building societies now insist on this technology to protect online banking access, people are increasingly activating two-factor to protect social networking, e-mail, eWallet and other online services.”
Comparison with the US
The same survey conducted among a parallel demographic in the US produced broadly similar results, but with one key difference.
US respondents were between 4%-5% more security conscious with regards to the steps taken to secure their personal data and prevent unauthorised access for online services.
For example, in the UK just over a quarter (27%) of those surveyed have begun creating dedicated e-mail addresses for use with specific online services in an effort to minimise the impact of a security breach.
In the US – which is the site of many more high-profile instances of username and password thefts – this number is as high as one third.