Report on cyber security in UK businesses makes for depressing reading, but the real problem could be much worse

A cyber-security survey carried out by Ipsos Mori has revealed almost half of UK businesses were attacked by cyber criminals in the past 12 months.

The survey commissioned by the UK government’s Department for Culture, Media and Sport found that overall 46% of all UK businesses identified at least one cyber-security breach or attack in the last 12 months – the number of identified attacks rises to two-thirds among medium-sized firms (66%) and large firms (68%).

Although these figures are alarming, cyber-security experts say these figures only account for known breaches.

In reality the examples of cyber attacks might be even higher than figures show.

“This is probably an underestimate if anything. Two reasons for this, firstly, this assumes they even know they have been hit, secondly people are more likely to under-report,” said Anton Grashion, managing director of security practice at software firm Cylance.

“Evidence of our testing when we run a proof of concept with prospective customers is that we almost invariably discover active malware on their systems, so it’s the unconscious acceptance of risk that plagues both large and small businesses.”

Among the 46% of businesses that detected breaches in the last 12 months, Ipsos Mori’s survey found that the average business faced costs of £1,570 as a result.

However, this figure is much higher for the average large firm, at £19,600, though the average medium firm (£3,070) and micro and small firms (£1,380) also incured sizeable costs.

“Many businesses still remain unprepared for a cyber attack because it’s difficult to prepare for something you don’t understand, can’t visualise, and haven’t experienced,” said Paul Edon, director at security firm Tripwire.

“The dynamic nature of cyber attacks often makes it hard to pinpoint a root cause, so executives with a desire to prepare are faced with choices, rather than clear actions to fund.”

Image courtesy of Fabio Lanari

The survey found only a quarter (26%) of surveyed companies reported their most disruptive breaches externally to anyone other than a cyber security provider.

The findings suggest that some businesses lack awareness of who to report to, why to report breaches and what reporting achieves.

In addition to not knowing where to report attacks, companies also claim they are unsure of where to obtain advice on how to prevent cyber attacks.

While 58% of businesses have sought information, advice or guidance on the cyber security threats facing their organisations over the past year, only 4% had consulted government or other public sector sources such as the police or regulators.

“British business need to realise there is an entire global cyber criminal economy that out earns the illegal drug industry in terms of revenue.

“Cyber programs need to wake up and adapt into a detect and response approach that places equal investments in prevention as it does detection of hackers,” said Paul Calatayud, chief technology officer at security company FireMon.

The full Cyber Security Breaches Survey is available here.

Researchers develop “spray-on” digital memory

The creation of a new “spray-on” digital memory device, produced using just an aerosol jet printer and nanoparticle inks, could take us a significant step forwards toward a future of low-cost, flexible electronics.  Acting like a USB flash drive, the new device is part of the rising wave of printable electronics.

The “spray-on” device, with a capability similar to that of a 4-bit flash drive, is the first fully-printed digital memory that would be suitable for practical use in simple electronics such as environmental sensors or RFID tags. Moreover, due to being jet-printed at comparatively low temperatures, it is possible to use in the building of programmable electronic devices on bendable materials like paper, plastic or fabric.

“We have all of the parameters that would allow this to be used for a practical application, and we’ve even done our own little demonstration using LEDs,” said Duke graduate student Matthew Catenacci, who describes the device in a paper published in the Journal of Electronic Materials.

The spray on memory, left, and an LED demonstration of the device conducted by the researchers

Roughly the size of a postage stamp, the device’s core is a new copper nanowire-based printable material that is capable of storing digital information. Made of silica-coated copper nanowires encased in a polymer matrix, the material encodes information in states of resistance, as opposed to the more usual states of charge.

With a small voltage applied to the material, it is possible to switch it from a state of high resistance, stopping any electric current, and one of low resistance, allowing current to flow. Moreover, unlike the silicon that largely dominates modern electronics, the nanowires and polymer can be dissolved in methanol, creating a liquid that can be sprayed through the nozzle of a printer.

“Memory is kind of an abstract thing, but essentially it is a series of ones and zeros which you can use to encode information,” said Benjamin Wiley, an associate professor of chemistry at Duke and an author on the paper.

“Most flash drives encode information in series of silicon transistors, which can exist in a charged state, corresponding to a ‘one’, and an uncharged state, corresponding to a ‘zero’.”

The results of the LED demonstration of the device. Images courtesy of Duke University

While not the first of its kind in regards to printable memory devices, the key importance of the new device is its practicality. The write speed is around three microseconds, rivalling the speed of flash drives. Additionally, tests found that written information may be retained for up to ten years, and the material can be re-written many times without degrading.

Although the memory currently available on the device is too small for storing anything like music files, the low cost and flexibility hold a lot of potential for applications such as RFID tags. Currently limited to just encoding a particular produce number, smarter RFID tags using the device could sense their environments and record the state over time.

In and of itself the device is not currently set to radically change electronics. It could however, be the gateway to a new generation of printed devices.