Surprising statistics uncovered after a Freedom of Information (FOI) submission reveal that London’s Kew Gardens, Natural History Museum, Tate Gallery, and Imperial War Museum saw a total of 109 million cyber attacks over just the last three years.
These cyber attacks and attempted hacks included various attempts to steal information, phishing, spyware, malware and ransomware attacks.
A Need for Greater Cyber Security Expertise
Sheila Flavell, COO of digital skills and solutions company FDM Group told InfoSecurity Magazine she believes there needs to be a “sharper focus” on boosting interest in building cyber-security skills.
“These incidents are a reminder of the urgent need to increase the UK’s level of cyber expertise.”
She describes cyber attacks as a “real and relentless threat.” Critically, the fact that Kew Gardens alone was hit by 86 million attacks in 2018 illustrates the need for any type of business to address cyber-security risks sooner rather than later.
Hackers appear to be targeting the financial and personal information of Kew Gardens’ 800 staff and over 100,000 members. The FOI results obtained by Parliament Street say a Kew Gardens server was breached and an email account compromised across the three-year period.
A spokesperson for Kew Gardens told the Evening Standard that cyber-security was foremost within the organisation:
“We have observed a very significant increase in the number of cyber hack attempts…We can confirm these attempts were successfully blocked by our firewalls and perimeter defences…Security remains one of our primary concerns.”
There is no further information apparent on the reported Kew Gardens breach, though it is evident that cyber-security is taken seriously in order to only have one breach amidst millions of attempts.
The Imperial War Museum also experienced eight successful ransomware attacks out of around 10 million attempts over the course of the three years. The Tate Gallery reported four successful malware or phishing attacks and nearly 500,000 attacks in 2018.
The Natural History Museum is focusing on cyber-security as it works to adapt its business to the digital age. A spokesperson for the museum, Ian Golding said:
“Ensuring we have the best cyber protection is of paramount importance as we continue to protect, display and digitise our collection.”
Organisations of Every Size and Purpose Face a Growing Risk of Cyber Attack
According to a recent TechRadar summary of cyber-security statistics, Carbon Black research in 2018 found that 88% of organisations in the UK had experienced a data breach in the previous 12 months.
Other research by Opus and the Ponemon Institute of 1,000 professionals responsible for cyber-security found that 59% of companies experienced a data breach caused by a supplier or other third-party.
McAfee Labs has found that cyber threats are evolving so quickly that an average of 480 new threats per minute were discovered during the third quarter of 2018.
Radware’s 2018-2019 Global Application and Network Security Report found the average cost of a cyber-attack was $1.6 million both in direct losses and those attributed to customer reputation. Back in the UK PCI Pal found that 44% of UK consumers would stop spending with an organisation immediately after a serious data breach. 41% of consumers would move their patronage elsewhere permanently.
It’s not just large and well-known organisations that are increasingly targeted by cyber attacks. Ponemon Institute’s “2018 Cyber-security in Small and Medium Size Businesses” report based on the US and the UK found 67% of small to medium sized business had experienced a cyber attack and 58% a data breach in the 12-month period covered by the report.
Though all four tourist attractions are prominent and successful ones, the sheer volume of cyber attacks goes to prove that it’s not just financial institutions and government departments at the greatest risk.
Cyber-criminals target large and small organisations as well as individuals, proven by the fast-growing volume of attacks. With the type of attack changing by the second it is imperative that any business has a continuous focus on cyber-security and at every level within the business. Malware and phishing attacks can begin a breach with simply one individual unwittingly opening the wrong email and lead to the compromise of entire servers.
You can significantly reduce your risk by investing in a programme of security awareness training for your employees, helping to make your workforce, your strongest defence. Why not sign up for a free demo and get started, today.