One in six firms paid ransoms to meet the demands of hackers last year, according to the “chilling” findings of a report on cyber crime.
The annual Hiscox Cyber Readiness Report revealed that six per cent of the 5,569 firms polled – and one in six of those attacked – had surrendered by paying out following a cyber attack.
The highest losses for a single firm targeted with a ransom demand hit £40.2 million. The report also showed that total cyber losses surged 50 per cent to nearly £1.4 billion in 2019.
Cyber losses per firm have risen nearly six-fold, from an average of £8,041 a firm to £45,832.
UK firms are now 15 times more likely to suffer a cyber attack than a fire or theft, the report suggests.
It revealed the biggest reported cyber loss among firms in the eight countries surveyed was suffered by a UK financial services firm, at £71 million.
The report also uncovered that the highest loss from any one cyber event was £12.7 million, involving a UK professional services firm.
It comes after a recent spate of cyber attacks on British firms, with foreign exchange giant Travelex becoming the victim of a high-profile hack at the turn of the year and reportedly paying out £1.8 million in January to the notorious REvil ransomware gang.
The New Year’s Eve attack left its systems down for weeks, forcing the group to resort to pen and paper across its branches.
But while cyber attack losses rose last year, the Hiscox report also showed that firms are increasing their defences against hacks, with spending on cyber security rising 39 per cent.
Gareth Wharton, Hiscox Cyber chief executive, said: “The number of businesses that have paid a ransom following a malware infection is chilling.
You don’t have to suffer in silence if you’re struggling with your mental health. Here are some groups you can contact when you need help:
Samaritans: Phone 116 123, 24 hours a day, or email firstname.lastname@example.org, in confidence
Childline: Phone 0800 1111. Calls are free and won’t show up on your bill
PAPYRUS: A voluntary organisation supporting suicidal teens and young adults. Phone 0800 068 4141
Depression Alliance: A charity for people with depression. No helpline but offers useful resources and links to other information on its website
Students Against Depression: A website for students who are depressed, have low mood, or are suicidal. Click here to visit
Bullying UK: A website for both children and adults affected by bullying. Click here
Campaign Against Living Miserably (CALM): For young men who are feeling unhappy. Has a website here and a helpline: 0800 58 58 58
“There is, however, one very positive message from this year’s report – there is clear evidence of a step-change in cyber preparedness, with enhanced levels of activity and spending.
“Take-up of standalone cyber insurance remains patchy, but this report is a reminder that firms are many times more likely to have a cyber incident than either a fire or a theft – for which most automatically insure.”
The study surveyed companies across the US, UK, Belgium, France, Germany, Spain, the Netherlands and Ireland.
Hiscox also warned there were new cyber threats emerging from the coronavirus crisis, with a ramp-up in so-called phishing scams and as staff and companies are leaving themselves vulnerable due to less-secure home working computers.
Mr Wharton said: “As companies roll out working from home, potentially less secure devices are being connected to corporate networks.
“Rapidly rolled out remote access solutions may lack the thorough security testing that would have taken place in more stable times.”