‘These attacks are extremely preventable and could potentially lead to disastrous interruption or financial losses,’ says UK security researcher
Nearly three quarters of cyber attacks across the UK in 2023 targeted technology for home-based working, new data from Coalition has revealed.
Published yesterday (18 December 2023), the figures showed that the cyber insurance provider’s UK honeypot sensors were attacked 17m times per day on average during the year.
And of the 5.8bn attacks during 2023, 74% targeted remote desktop protocol (RDP) – a technology that employees who work from home use to connect to Microsoft Windows computers remotely.
Coalition said attackers frequently target RDP because it grants them quick access to devices and allows them to execute further attacks.
“Nearly three quarters of recorded attacks in 2023 resulted from RDP, which is a scary thought for businesses since remote working is here to stay,” Coalition UK security researcher Dr Simon Bell said.
”These attacks are extremely preventable and could potentially lead to disastrous interruption or financial losses.
”To reduce these risks, we recommend immediately disabling the service if it is not in use or limiting access to only the employees who need it.”
Vulnerabilities
According to Coalition, honeypots, which were traditional used by spies as an espionage technique, are digital assets that are made to look like legitimate devices, such as a network, but instead acts as a decoy to capture cyber criminals.
Read: CFC set to launch cyber monitoring centre in 2024
Read: Warning as more businesses fall victim to cyber attacks
Explore more cyber-related content here or discover other news stories here
In its latest data, the insurance provider also found out what open vulnerabilities’ attackers were exploiting in its honeypots, such as F5 BIG-IP.
This is a mixture of software and hardware designed around application availability, access control and security solutions.
“Attackers will often target old vulnerabilities to exploit. This is partly due to the availability of public exploits for these vulnerabilities, giving hackers an available playbook for successfully executing an attack,” Bell said.
”This is also because attackers know organisations can be slow to patch their software, exposing their systems to these known vulnerabilities.”
Coalition further found that policyholders with just one unresolved vulnerability were 33% more likely to experience a claim and those that continued to use software that was no longer supported by the original developers were three times more likely to suffer from an incident.
”Attackers can take advantage of outdated software and easily accessible public exploits to attack such systems,” Bell warned.
She was selected for the Women in Journalism Senior Mentoring Scheme in 2019 and, in 2022, went on to win the Highly Commended Award in the Most Promising Newcomer category at the British Insurance Brokers’ Association (BIBA) Journalist and Media Awards.
At BIBA’s 2023 awards, she was shortlisted for the Best Investigative Journalism category.View full Profile
No comments yet