Royal Mail, JD Sport and Morgan cyberattacks highlight growing threat to companies
Proactive Investors – Nearly 40% of UK businesses experienced a cyberattack in 2022, with the number of attacks this year showing no signs of slowing down, according to new industry data.
Already this year, JD Sports, ceramics group Morgan Advanced Materials, and metals company Vesuvius have been victims of attacks, with potential cybercriminals lurking in all corners of the globe.
Royal Mail’s ransomware attack was claimed today by Russian-linked criminal organisation LockBit, which said its network launched the attack which crippled international postal services over recent weeks.
Fewer than a fifth of UK businesses have a formal incident response plan, according to the data from IT support services group AAG.
This was evident with retailer TheWorks, which was forced to close stores following a cyberattack last year, ultimately having a knock-on effect on its final-year results.
Morgan Advanced said the cyberattack last month is expected to amount to a hit of at least £8mln, meaning the group’s 2023 profits will reduce by a further 10% to 15%.
Good cybersecurity practices, therefore, are as important as any other governance, risk or compliance area, according to Stuart Jabb, group managing director at Crossword Cybersecurity.
“Successful attacks have been shown time and time again to severely impact customer confidence, share prices, and in some cripple organisations as their entire systems are held to ransom by cybercriminals,” said Jabb.
“Getting cybersecurity right substantially reduces the risk of a successful cyberattack – but those practices need to be applied across an organisation’s supply chain, not just within its corporate entities, if it is to be truly effective.”
While constitutes good cybersecurity varies on the needs of the business, Jabb suggests there are some basic measures that all companies should adopt: “It is a constant process of getting the right hardware and software in place, employing good supply chain management processes that include cybersecurity and ongoing education for staff and suppliers.”