‘Homeworking has widened businesses’ attack surface,’ says UK security researcher

A series of honeypot servers designed to mimic the cyber profiles of London-based SMEs came under attack 2,000 times a minute thoughout January, according to new figures.

burning keyboard, cyber, property, fire

Read: Property and cyber markets must get on same page to prevent cover ‘gap’ for cyber-related physical losses

Read: Biba calls for government intervention as SMEs face ‘very real’ cyber risks

Not subscribed? Become a subscriber and access our premium content

Explore more cyber-related content here or discover more news articles here

As part of an exercise designed to assess the volume of cyber attacks targeting the UK’s capital, cyber insurer Coalition configured the servers to make cyber criminals think were attacking small businesses operating in London.

Data from the exercise revealed that – over the course of 28 days in January 2023 – the devices were attacked 91m times by over 101,000 different hackers.

Russia was the single largest source of attacks, followed by Bulgaria, Monaco and Panama.

However, Coalition pointed out that many cyber criminals hide their locations by mounting attacks using virtual private networks (VPNs) routed through other countries.

The data was supplied by Coalition to the Cyber Resilience Centre for London – a police-led, not-for-profit organisation working in partnership with the Mayor of London’s Office for Policing and Crime.

Wider attack surface

Simon Bell, Coalition’s UK security researcher, said: “These results show just how much homeworking has widened businesses’ attack surface – the number of internet connections and vulnerabilities that hackers can exploit.

“85% of attacks we saw were attempts to gain unauthorised access to these remote connections.

“We use honeypots to learn about threat actors and their methods. It’s a little like using decoy car to attract car thieves – once the attack happens, we can see what vulnerabilities the cyber-criminal is looking for and how they try to exploit them.

“In this exercise, our honeypots were given IP addresses that identified as physical data centres in London.”

Coalition was launched in the UK in September last year.

Read: The Big Question March 2023 - What will the cyber insurance market look like this year?

Read: Ransomware and cyber war wording innovation named in 2023 tech predictions – DAC Beachcroft

Explore more cyber-related content here or discover more news articles here

The firm offers what it describes as “active cyber insurance” – a combination of cyber security protection combined with cyber insurance.

Coalition’s automated scanning and monitoring system Coalition Control scans the internet is real time to identify vulnerabilities that hackers can exploit.

3. etrading 480X97_v2

Click here to take part - all brokers that complete the survey will be entered into a prize draw to win £250 worth of John Lewis vouchers

Topics