UK businesses are leaving themselves vulnerable to the most common form of cyber-attack, research by a UK-based cyber security firm suggests. More than half, 58 per cent of office workers among 1,000 employees surveyed at mid-to-large UK businesses revealed they usually open email attachments from unknown senders, leaving businesses open to breaches from documents carrying malicious exploits hidden inside common file-types.
Despite the widely-publicised growing threat from social engineering, where hackers create emails that look as if they have come from someone the recipient knows, 83pc admitted always or usually opening attachments if they appear to be from a known contact.
Greg Sim, pictured, CEO, Glasswall Solutions, an email security product company, said: “Employees need to trust their emails to get on with their work, but with 94% of targeted cyber-attacks now beginning with malicious code hidden in an email attachment, the security of major businesses should no longer be the responsibility of individual office-workers. Conventional anti-virus and sandboxing solutions are no longer effective and relying on the vigilance of employees clearly leaves a business open to devastating cyber-attacks that will siphon off precious data or hold the business to ransom.”
The survey revealed the scale of cyber breaches, unveiling that one third, 34pc of the UK office workers questioned said their business had been victim of a cyber-attack, with 76pc acknowledging that they have received email attachments that were suspicious.
“This research confirms anecdotal evidence that although security awareness campaigns have their place, all too often they fail to equip workers with effective strategies for protecting data and systems,” said Professor Andrew Martin at the University of Oxford. “Technology that’s fit for purpose reduces risks without placing added burdens on those simply trying to do their jobs.”
Employees clearly feel vulnerable – 58pc in the survey said they would feel safer from cyber-crime if their employer had the right technology to protect them. One in five (20pc) said the business they work for has no policy on how to handle email attachments, or they have not been made aware of it.
The results also show how UK office workers are faced with thousands of decisions about cyber-security. More than half of those surveyed (55pc) said they sent or received at least 11 documents via email every working day.
Greg Sim added: “Instead of relying on a failed combination of outdated anti-virus defences and the vigilance of their hard-pressed employees to protect them, businesses need innovative technology that stops all the threats in email attachments before they enter a network. Zero-day attacks have massively increased and most employees will never know they have been responsible for a catastrophic breach because the malware they are responsible for admitting may be triggered weeks after they clicked on an attachment.
“But there is no excuse for complacency or defeatism – businesses need to implement the right technology and formulate an effective risk-policy in relation to email attachments. That way they will be back in control, instead of becoming yet another expensive, high-profile victim of hacking.”
To download the full report go to – https://www.glasswallsolutions.com/email-security-report/.
