Half of UK businesses experienced cyberattacks in 2023

Half of UK businesses experienced cyberattacks in 2023 according to the UK government’s cybersecurity breaches survey published on 9 April.While half (50%) of all businesses sustained attacks, medium and large businesses were at the highest risk of being targets for cybercriminals.

Over 70% of large businesses reported that they had been targeted in 2023.

Phishing was the most reported attack strategy, with 84% of affected businesses reporting phishing attempts.

In contrast, only 17% of businesses reported that cybercriminals had targeted them using viruses or malware.

The UK government estimated that each breach cost, medium and large, businesses around £10,000 each.

This was despite businesses adopting better cyber hygiene than the previous year.

The number of businesses using updated malware protection rose from 76% to 83% and network firewall use rose nine percent.

Oseloka Obiora, chief technology officer at cybersecurity company RiverSafe, explained that the rise in cyberattacks may be caused by technological developments like AI.

“Organisations need to be even more aggressive with their response and remediation plans if they are to withstand a new flavour of AI-generated cyberattacks,” Obiora said.

“To increase preparedness, security teams need robust network visibility to enable them to swiftly detect and address vulnerabilities across systems, mitigating the impact of cyber threats, especially across complex or dispersed IT systems,” he stated.

The government’s report also found that the number of businesses insured against cyberattacks had risen from 37% to 43% in the past year, particularly among medium and large businesses.

Absolute Software’s area vice president EMEA, Archi Lewis, explained that anyone could become a victim of cybercrime.

“Especially in today’s work-from-anywhere world, security teams need visibility over an organisation’s entire network to protect devices, applications, and ultimately staff,” he said.

“An approach to security that includes cyber resilience built into defences is the best way for targeted organisations to ensure their measures are working as needed to avoid being breached,” Lewis stated.