GFI survey reveals alarming 60% rise in UK fears over cyber security

Recent high profile hacking attacks and data breaches, such as those affecting Sony, Netflix, health insurer Anthem and parking ticket website PaymyPCN.net have served to substantially increase public and business concerns about the real-world implications of cyber crime

Recent high profile hacking attacks and data breaches, such as those affecting Sony, Netflix, health insurer Anthem and parking ticket website PaymyPCN.net have served to substantially increase public and business concerns about the real-world implications of cyber crime

GFI Software has released the findings of an independent study examining the business and social impacts of cyber security issues. The results reveal stark public concerns over the increasing personal and business risks posed by cyber crime, and the growing likelihood that acts of cyber criminality will escalate towards physical retaliation.

With multiple recent high profile attacks targeting household names and large employers – including the major attack against multiple parts of Sony, the leaking of user data stolen from video streaming service Netflix and health insurer Anthem being hit for valuable healthcare customer and employee data – the survey shows that individuals increasingly fear cyber crime and its resulting consequences in the workplace as well as at home.

The survey reveals that 47% of respondents have been the victims of at least one cyber crime act in the last year alone. Credit card fraud is the most prevalent form of cyber crime, with 20% of respondents having been hit in the last year, followed by 16.5% having at least one social media account either breached or defaced.

The independent study was conducted for GFI Software by Opinion Matters and surveyed 1,008 UK adults working for companies with up to 5,000 staff and who use a computer or mobile computing devices.

Key findings from the survey are as follows:

*41% of respondents believe banks will be the main target for cyber criminals in the coming year

*One quarter (23%) are concerned that large business institutions will be targeted for crime and cyber espionage, but only 9.5% believe retailers will be a major target despite the potential for high levels of credit card data theft

*With growing volumes of healthcare data now being digitised, 9% of respondents are concerned that cyber criminals will turn their attentions towards the NHS and private health insurers in the coming year

*The perceived growing threat from cyber attacks is apparently hurting the adoption of Internet of Things technology, with nearly two-thirds (64%) of respondents either viewing Internet-connected home devices as too risky to own or otherwise harbouring reservations about making further purchases

*55% of respondents to the GFI survey believe that malware still poses the biggest threat to both individual and business information security

Business impact of cyber crime

The research reveals that almost all cyber crimes have a noticeable and detrimental impact on businesses, with 88% of those surveyed believing that a cyber attack against their employer would have measurable financial and productivity implications.

GFI Infographic of the survey results

GFI Infographic of the survey results

A further 3.5% believe that a single cyber attack against their employer could easily put the organisation out of business on a permanent basis.

“Cyber attacks have profound consequences for the business community, whether organisations are the target or the victim of an attack elsewhere,” said Sergio Galindo, general manager of GFI Software.

“In the last few months alone we’ve seen major corporations targeted in systematic acts of espionage and geopolitical retaliation, as well as hundreds of thousands – potentially millions – of individuals affected by the fall-out of data being stolen and misused. Usernames, passwords, credit card data, health records – the malicious use of this data by criminals can quickly create financial hardship and significant stress for the affected individuals, while the negative fall-out for those organisations from whom the data was stolen can range from loss of reputation through to fines, falling sales or even civil and criminal legal proceedings in the courts.”

Impact of cyber crime on public services

Until recently, the thought of hackers gaining access to everyday public and utility services in order to cause havoc and disrupt society was the stuff of movies like Die Hard 4.0. However, with everything from traffic lights and CCTV camera data to power station information and smart meter data now being computerised, automated and networked to improve efficiencies, centralise management and reduce costs, these services are now at greater risk.

In point of fact, this was highlighted in November last year when the NSA reported that the US power grid was successfully hacked.

As a result, two thirds of those surveyed by GFI now believe the hijacking of major services (ie the utility services, traffic management and transport, etc) by cyber criminals is a genuine threat to both the UK’s national and infrastructure security.

In addition, 43% believe that increased cyber crime is making life harder by making it more challenging to access everyday services, with 30% of respondents to the survey believing the heightened cyber crime environment is a hindrance to productivity.

The public’s reliance on digital devices makes us more of a target, with 21% of respondents believing that our everyday use of technology has left individuals and businesses alike more exposed to virtual crime than ever before.

Most worrying, perhaps, is the discovery that one third of those individuals surveyed believe acts of cyber crime and cyber terrorism are likely to spill over into physical acts of crime and terrorism.

“Cyber crime is not a victimless activity,” added Galindo. “Virtual acts of criminality affect real people, place jobs at risk and can have lasting consequences for everyone impacted by them.”

Taking steps to improve online security

The GFI survey also reveals that growing cyber security concerns have prompted people to take more aggressive steps towards protecting themselves and their online footprint, both at work and at work:

*57% of respondents claim to now change their passwords for web sites and online services on a regular basis

*52% have taken steps to strengthen their anti-virus protection measures

*49% have activated PIN or password protection on tablets and smart phones

*46% of respondents now avoid duplicating passwords across multiple sites and services

*28% have (where supported) activated two-factor authentication for logging in

However, 6% have done nothing to improve their online security regime.

Galindo commented: “It’s particularly encouraging to see that over a quarter of those surveyed have embraced two-factor authentication. While some banks and building societies now insist on this technology to protect online banking access, people are increasingly activating two-factor to protect social networking, e-mail, eWallet and other online services.”

Comparison with the US

The same survey conducted among a parallel demographic in the US produced broadly similar results, but with one key difference.

US respondents were between 4%-5% more security conscious with regards to the steps taken to secure their personal data and prevent unauthorised access for online services.

For example, in the UK just over a quarter (27%) of those surveyed have begun creating dedicated e-mail addresses for use with specific online services in an effort to minimise the impact of a security breach.

In the US – which is the site of many more high-profile instances of username and password thefts – this number is as high as one third.

About the Author
Brian Sims BA (Hons) Hon FSyI, Editor, Risk UK (Pro-Activ Publications) Beginning his career in professional journalism at The Builder Group in March 1992, Brian was appointed Editor of Security Management Today in November 2000 having spent eight years in engineering journalism across two titles: Building Services Journal and Light & Lighting. In 2005, Brian received the BSIA Chairman’s Award for Promoting The Security Industry and, a year later, the Skills for Security Special Award for an Outstanding Contribution to the Security Business Sector. In 2008, Brian was The Security Institute’s nomination for the Association of Security Consultants’ highly prestigious Imbert Prize and, in 2013, was a nominated finalist for the Institute's George van Schalkwyk Award. An Honorary Fellow of The Security Institute, Brian serves as a Judge for the BSIA’s Security Personnel of the Year Awards and the Securitas Good Customer Award. Between 2008 and 2014, Brian pioneered the use of digital media across the security sector, including webinars and Audio Shows. Brian’s actively involved in 50-plus security groups on LinkedIn and hosts the popular Risk UK Twitter site. Brian is a frequent speaker on the conference circuit. He has organised and chaired conference programmes for both IFSEC International and ASIS International and has been published in the national media. Brian was appointed Editor of Risk UK at Pro-Activ Publications in July 2014 and as Editor of The Paper (Pro-Activ Publications' dedicated business newspaper for security professionals) in September 2015. Brian was appointed Editor of Risk Xtra at Pro-Activ Publications in May 2018.

Related Posts