South West businesses leaving themselves open to cyber-attacks, says RSM UK


The number of businesses that think they are likely to fall victim has fallen despite a significant increase in cyber-attacks, according to new research from chartered accountants RSM UK.

According to RSM UK’s ‘The Real Economy’ report, over a quarter (27 per cent) of middle-market businesses have experienced a cyber-attack in the past year, up from one in five (20 per cent) last year.

Yet despite the increased risk to the 1,679 middle-market businesses in the South West, the research found the number of businesses that felt they were ‘very likely’ to fall victim to a ransomware attack has actually fallen significantly, from 34 per cent in 2021 to just 24 per cent this year.

Ransomware attacks, where hackers either steal or encrypt data, rendering it inaccessible, then hold a business to ransom for it, have escalated 100 per cent since the pandemic, according to the Information Commissioner’s Office (ICO).

They are expected to rise further in future, partly due to changing external events such as increases in inflation, volatile financial markets and the current Russia-Ukraine situation.

Leading researcher for the cyber economy, Cybersecurity Ventures, predicts that by 2031 ransomware will cost victims $265bn a year, with an attack expected to take place every 2 seconds, up from every 11 seconds in 2021.

There is also evidence that criminals like to return to the scene of the crime, re-visiting easy targets where they have carried out a successful attack, knowing defences are weak.

The Real Economy research found 17 per cent of businesses have been targeted with ransomware more than once, compared to only 11 per cent last year.

The figures may suggest a level of complacency has set in among middle-market businesses, leaving them vulnerable to future attacks.

Alternatively, those who have invested in cyber security tools, specialist resources and cyber insurance may wrongly think they no longer need to consider the ongoing cyber threats and are now adequately protected from all types of attacks.

In recent weeks, data extortion group LAPSUS$ has shown how teenaged cybercriminals with few financial resources can extort data from large companies including Microsoft, NVIDIA and Samsung.

With such sophisticated and high-profile technology companies that invest significantly in cyber security still coming under threat, middle-market businesses must remain vigilant to the threat of cyber-attacks.

Kate Reid, office managing partner for RSM Bristol, said: “The rapid shift to home working brought about by Covid meant businesses were initially more aware of the need for tighter cyber security measures as people logged on to work from home, often utilising their own unsecured devices.

“Now, as many middle-market companies have already made an initial investment in protecting their business, there is a risk they mistakenly believe they have done enough and have now developed a false sense of security.

“In reality, cyber security is an ongoing process, as criminals are constantly evolving, developing new attack techniques and seeking out new vulnerabilities. To keep one step ahead of the cybercriminals, businesses need to ensure IT systems remain secure, and continually review cyber security measures to ensure they are as robust as they possibly can be.”

Cybercrime is now so prevalent that ransomware is even available to buy as a service, more commonly known as RaaS (ransomware as a service).

Criminal syndicates offer ransomware to would-be attackers, meaning quite often these criminals require very little technical knowledge to carry out an attack.

This has exponentially increased the number of attacks that are possible. The current Russia-Ukraine situation means the threat of an attack, particularly on financial organisations or national infrastructure, is increased, as state-sponsored groups carry out APTs (advanced persistent threats).

Kate concludes: “With cybercriminals now operating on an industrial scale, it is sadly no longer possible to completely eliminate the possibility of an attack, but by remaining aware of the fast-evolving cyber threat landscape and vigilant to potential threats, businesses can reduce the risk considerably.”