back to article UK biz fails to report two thirds of cyber attacks, says survey

Just one-third of cyber attacks are being reported to the police, according to a wide-ranging survey from the Institute of Directors. According to the survey of nearly 1,000 IoD members, one quarter said they had experienced a cyber attack in the last twelve months. However, of those 250 directors, only 28 per cent reported …

  1. Chozo

    UK biz fails to notice two thirds of cyber attacks, says the red team

    1. Tom 13
      Unhappy

      Nope, they failed to report two-thirds of the attacks detected. Red Team has not reported on how many attacks they failed to notice. While two-thirds MIGHT be the right answer, chances are it's higher.

      Meanwhile, Blue Team has not reported on either on the opposite side of the pond.

  2. Alister Silver badge

    Well, from personal experience, we tried to report an attack on one of our sites to the police, and were met with total disinterest, they wouldn't even give us a crime number, and after passing us from pillar to post over the phone we gave up trying.

    So maybe the headline would be more accurate if it said "UK Biz tries and fails to report two thirds of cyber attacks"

    Oh, and who the hell are Action Fraud Aware? I've just asked round the office, and nobody has ever heard of them.

    I've just looked at their site, and apparently they are the National Fraud and Cyber Crime Reporting Centre.

    It's a shame nobody knows about it.

    1. Ole Juul Silver badge

      So maybe the headline would be more accurate if it said "UK Biz tries and fails to report two thirds of cyber attacks"

      Sounds more like it should be "Police reject two thirds of cyber attack reports".

      1. AMBxx Silver badge
        Holmes

        No different to regular crime

        If it's not on CCTV or caught with a speed camera, the police aren't interested (unless it's a celebrity perv).

        If someone broke into my garage, I wouldn't bother reporting it. Police won't catch anyone, my home insurance would go up in price, the value of my house would drop.

        I'd just buy bigger locks - probably the best advice you could give with cyber crime too.

    2. Anonymous Coward
      Anonymous Coward

      Crime number

      I'd say you're about right. From my experience within the MET their officers aren't technical at all, and their CRIS (Crime Reporting Information System), which is what you type your "crime" into, which eventually gives you a "crime number", is categorized by specific crimes, and last time I checked, It didn't have a category of "cyber-crime". Even to fill out a single crime it takes about 45 minutes... and is so laborious I can understand why most officers aren't really enthusiastic about it... another case of bureaucracy killing efficiency...

  3. allthecoolshortnamesweretaken Silver badge

    I'm mildly shocked by the "just 43 per cent of the 1,000 businesses polled know where their data was physically stored" bit. I suppose the number will increase as even more stuff is shoved into 'the cloud'.

    1. Doctor Syntax Silver badge

      "just 43 per cent of the 1,000 businesses polled know where their data was physically stored"

      More likely somebody in the business knows but nobody at director level is going to sully their hands talking to such plebs.

  4. jake Silver badge

    On the bright side ...

    Folks with a clue are raking in the bucks cleaning up the mess ;-)

    Hint to marketing & management: Stick with what you are good at.

    Leave computers & networking & associated security to professionals.

  5. Anonymous Coward
    Anonymous Coward

    But on the flip side of the coin...

    Businesses who do report these types of issues are beaten viciously and at length with a stick by our fine selves for being "incompetent", "careless", "insane", etc. etc., which puts a rather large reputational bar in the way of reporting "increasingly sophisticated" cyber crimes (whether true or hugely inflated remains to be seen).

    So, you know, we must look to ourselves as a cause for concern if under-reporting of cyber crimes, data loss etc. becomes distasteful and review our own reactions and intentions. Just a thought.

    1. Doctor Syntax Silver badge

      Re: But on the flip side of the coin...

      "Businesses who do report these types of issues are beaten viciously and at length with a stick by our fine selves"

      And rightly so if they have their customer database popped by teenager skiddies via an exploit older then themselves. If they get DDOSed that's a different matter.

  6. Graham Marsden
    Alert

    "just 43 per cent of the 1,000 businesses polled...

    "...know where their data was physically stored."

    Well, it's in the Cloud, isn't it...?

  7. Anonymous Coward
    Anonymous Coward

    Would a link....

    ..to the report be too much to ask?

    1. Tom 13
      Devil

      Re: Would a link....

      Yes. Somebody could use the link to compromise their systems. We wouldn't want that now would we?

      But that okay. We have this nice secure Windows NT 4.0 box for you that is certified secure by NIST.

  8. WibbleMe

    What exactly accounts as a Cyber attack you website being hijacked or some one in Rusher trying to login to your account?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019