Over 50% of cyber attacks on Irish businesses may be undetected, the Magnet Networks Cyber Security Survey has found.
Just 20% of businesses surveyed say they have suffered from cyber attacks in the past two years, with a further 16% unsure and 64% claiming that they been unaffected, according to the survey carried out by Magnet Networks.
However, a leading cyber security expert states that the true average industry figure for attacks is 43%, and that many Irish businesses are unaware that they currently have a sophisticated cyber breach.
The Magnet Networks National Cyber Security Awareness Survey was carried out among 258 companies spread across all sectors and regions, giving an up-to-date sample of the business attitudes to threats which could potentially ruin many of those who are attacked.
34% of all businesses have no cyber security policy in place, with a further 19% acknowledging that either their security needs tightening or they are completely unsecure.
“A new generation of cyber threats has meant that Irish businesses are constantly under attack and they may not realise it,” said cyber security expert James Canty of Magnet Networks.
“The average time it takes a business to identify a cyber breach is 191 days, and in many cases a company may not know they have been affected until their data is sold on the dark web.”
The biggest global threats against business are now ransomware, fileless malware and crypto mining attacks.
“In the past year we have seen a huge increase in the use of fileless malware in attacks. This runs in memory and is a lot harder to detect and stop than malware installed on systems,” said Canty.
“The hijacking of computers for crypto-mining purposes is also quickly becoming a major problem for enterprises, involving almost 90% of recent remote code execution attacks, according to industry figures.
“Crypto-mining occurs when someone hacks into your pc and servers and use the processors of these pcs and servers to mine bitcoins and other cryptocurrencies.
“Unlike traditional malware, the main aim of crypto mining is to hide its existence, with its only tell-tale sign being that your PCs and servers and sometimes even your broadband becomes ridiculously slow, which many businesses tend to blame on old systems or equipment.
“The main worry looking at the state of our national cyber defences is that 80% of businesses surveyed have legacy anti-virus software installed, with the majority of these (75%) combining this with a firewall.
“Just because you have a box in the corner that IT calls a firewall doesn’t mean you are protected from ransomware, and, the likelihood of a virus scan picking up a sophisticated and constantly evolving data mining programme is remote in the least.
“The proliferation of new types of cyber threats means traditional anti-virus solutions are no longer as effective as they were in the past. They are constantly playing catch up, leaving computer networks vulnerable to attack.
“Companies need to have a next-generation application-aware firewall along with advanced endpoint protection, where zero-day ransomware protection instantly stops an attack.
“We are pleased to say that no businesses using the Magnet Protect system were affected in any way by any of the major cyber attacks over the past two years.”
The survey found a surprisingly high level of businesses who were unhappy with their GDPR progress, with 49% of respondents rating themselves as unprepared or still preparing for GDPR.
Only 32% of companies have described themselves as satisfied with the arrangements that they have made for the regulations which came into force in May.
And 27% of all respondents said that either the business owner or no-one at all, was responsible for cybersecurity in the business.
“In our survey, 32% of companies say that they spend less than 10% of their budget on cybersecurity. However, global industry figures state that 87% of businesses require up to a 50% increase in spend against cyber threats,” said Canty