Businesses leaving themselves increasingly vulnerable to cyber attacks
A survey by IT service, support and solutions provider Probrand has found that over half a million UK businesses are potentially exposed to the threat of internet security attacks, having never tested their gateway security systems.
The Internet Gateway Security Survey, which was conducted with 500 IT executives within small to medium sized businesses, revealed that one in seven organisations have not upgraded their gateway security systems since 2009. Worryingly, a further 25% of SMBs have no idea when they should upgrade their gateway security, leaving UK businesses exposed to attack as a result.
This ‘fit and forget’ attitude is seeing many using old traditional gateway security solutions no longer fit for purpose. Probrand warns businesses to ensure their internet security defences – including anti-virus software, software patches and firewalls – are up to date to protect against modern threats.
Probrands’ head of technical, Mark Allbutt said: ‘‘Our survey has shown that many organisations are falling at the first hurdle by not upgrading their gateway security. This is the frontline defence against increasingly intelligent threats carried in internet traffic. Organisations that have not refreshed gateway security in the last three years are highly likely to be relying on legacy systems no longer fit for purpose.”
‘‘This can prove critical, as attacked or infected organisations will find themselves at the mercy of cybercriminals capable of stealing corporate and financial information. In one case, we helped a company held to ransom over sensitive files that had been placed in a desktop encrypted folder. The cybercriminals wanted a large sum of money in return for not releasing the files to the wider world.”
Florian Malecki, International Product Marketing Director at Dell Security, said: “Today, up to 35% of enterprise traffic is secured using the Secure Sockets Layer (SSL) protocol. Cybercriminals know this, and they have begun to use SSL to hide their attacks. Organisations still relying on legacy gateway security with no or limited SSL Inspection capabilities can be easily compromised.”
With the research finding over a third of organisations are exposing themselves with no plans to upgrade their gateway security, Probrand warns businesses that security threats are at an all-time high, and are becoming more sophisticated.
Allbutt continues: “The likelihood is that if you’re not testing or are unsure of your current protection measures, you’ve probably already been compromised. It is critical that organisations keep their security defences up to date as the sophistication of attacks has become unprecedented. Corporate data is gold to cyber criminals and as a result they are not afraid of investing heavily in getting what they want. Companies should double check the three core pillars of defence; anti-virus software, software patches and firewall.
“Importantly, when it comes to threats in internet traffic, modern solutions can conduct deep level inspections of data and manage what was previously hidden or encrypted traffic.
“It is shocking to hear that 25% of survey respondents indicated they would refresh their protection ‘at the end of its life’. Such basic levels of defence are being overlooked and organisations are exposing themselves to what can be business critical threats. We would advise regular testing and assessment of gateway security for absolute assurance.”