UK businesses were subjected to 2,000 new cyberattacks a day in Q1. Commercial cyberattacks are up 11 per cent year-on-year, with businesses hit every 45 seconds.

The number of cyberattacks on British businesses increased by 11 per cent in the first quarter of 2021, with organisations experiencing new attempts to breach their IT systems every 45 seconds, on average, according to our research.

Beaming’s analysis of commercial internet traffic discovered that UK companies encountered 172,079 cyberattacks each, on average, between January and March 2021, the equivalent of 1,912 per day. This compared to 1,725 attacks per day in Q1 2020 and was the highest level of malicious web activity seen in the first three months of the year since Beaming began recording cyber attack data in 2016.

Sonia Blizzard, managing director of Beaming, comments: “The number of cyberattacks launched against UK businesses surged as the country went into Covid lockdown last year and has remained at exceptionally high levels ever since. Our analysis shows some respite in February, but this was bookended by record levels of malicious web activity in January and March.”

“The mass move to home and hybrid working means that company data and IT systems are now being accessed via a wide range of personal equipment on unmanaged domestic internet connections. Each offers a potential point of failure for hackers to gain access to company systems over the public internet, and hackers are doubling down to take advantage of vulnerabilities created by this fundamentally less secure way of working.

“Businesses should speak with their ISPs or IT specialists to discuss what more they can do to help secure their data and systems, especially if they expect employees to continue working from home for at least some of the working week.”

Beaming’s cybersecurity analysts identified 305,136 unique IP addresses used to launch cyberattacks over the internet on UK businesses during Q1. While Beaming traced 41,923 of these IP addresses to locations in China, we also identified high levels of offensive cyber activities originating from the USA (32,843) and India (19,392).

Remotely controlled IoT applications and file-sharing services were the most likely targets for online cybercriminals, attracting 175 and 100 attacks per day respectively between January and March.