Not to worry anyone but BT’s chief exec has just said its network is now dealing with ‘hundreds of thousands’ of cyber attacks a day. That’s an increase of about 1,000% in the past 18 months apparently. And it’s obviously not just BT being targeted.
Speaking on a panel at the World Economic Forum in Davos, Gavin Patterson said while it was clear the spate of high-profile attacks on firms from TalkTalk to Ashley Madison had increased public awareness, he didn’t think boards were up to speed with the rapidly changing and developing threat.
‘While I think there is a recognition at board level, I’m not convinced that there is a high technical understanding,’ he said. That sounds about right. Of course execs will now be aware cyber attacks are a growing threat and not quite so abstract as they used to be, but many will struggle to keep up with hackers and their evolving approaches. Little wonder that cyber security experts are reportedly charging upwards of £10,000 a day for their services then.
One of the predictions MT made back in December was that there’s likely to be a really significant cyber attack on the horizon in 2016 – wreaking its damage on a huge financial institution or a government. The sentiment at Davos seemed to be very much the same.
Michael Bodson, President and CEO of the Depository Trust & Clearing Corporation (DTCC) said the one thing he was ‘truly paranoid’ about was cyber risk and that even a mid-size bank having its records wiped could cause widespread panic. He added that a third of ‘all attacks are against the financial industry because that is where the money is’ and such an attack could lead to a run on other banks. Reassuring.
While the vast majority of the attempted attacks on BT were apparently easily dealt with according to Patterson (though he would say that, wouldn’t he?), the firm has to be alert to the odd one with the potential to cause cataclysmic damage.
It’s an important point. Big firms now face vast numbers of attacks and making sure you’re concentrating on each and every single one can be a tough ask. ‘How do you identify the signal from the noise? The sheer barrage of attacks means you have to be able to identify the one that can get through your defences,’ Patterson said.
The likelihood is we'll be hearing quite a bit more about cyber attacks in the coming weeks and months, and it's apparent those at the top are still trying to wrap their heads around the best way to face the threat. Step one, you'd hope, would be a bit more information sharing as the threat becomes greater and hacking more commonplace.
Yes, it's embarrassing to admit your sensitive data has been pinched and you're being blackmailed to retrieve it, but keeping the ins and outs of the attack to yourself will likely mean businesses in general find it harder to prepare for future threats.