Report on cyber security in UK businesses makes for depressing reading, but the real problem could be much worse

A cyber-security survey carried out by Ipsos Mori has revealed almost half of UK businesses were attacked by cyber criminals in the past 12 months.

The survey commissioned by the UK government’s Department for Culture, Media and Sport found that overall 46% of all UK businesses identified at least one cyber-security breach or attack in the last 12 months – the number of identified attacks rises to two-thirds among medium-sized firms (66%) and large firms (68%).

Although these figures are alarming, cyber-security experts say these figures only account for known breaches.

In reality the examples of cyber attacks might be even higher than figures show.

“This is probably an underestimate if anything. Two reasons for this, firstly, this assumes they even know they have been hit, secondly people are more likely to under-report,” said Anton Grashion, managing director of security practice at software firm Cylance.

“Evidence of our testing when we run a proof of concept with prospective customers is that we almost invariably discover active malware on their systems, so it’s the unconscious acceptance of risk that plagues both large and small businesses.”

Among the 46% of businesses that detected breaches in the last 12 months, Ipsos Mori’s survey found that the average business faced costs of £1,570 as a result.

However, this figure is much higher for the average large firm, at £19,600, though the average medium firm (£3,070) and micro and small firms (£1,380) also incured sizeable costs.

“Many businesses still remain unprepared for a cyber attack because it’s difficult to prepare for something you don’t understand, can’t visualise, and haven’t experienced,” said Paul Edon, director at security firm Tripwire.

“The dynamic nature of cyber attacks often makes it hard to pinpoint a root cause, so executives with a desire to prepare are faced with choices, rather than clear actions to fund.”

Image courtesy of Fabio Lanari

The survey found only a quarter (26%) of surveyed companies reported their most disruptive breaches externally to anyone other than a cyber security provider.

The findings suggest that some businesses lack awareness of who to report to, why to report breaches and what reporting achieves.

In addition to not knowing where to report attacks, companies also claim they are unsure of where to obtain advice on how to prevent cyber attacks.

While 58% of businesses have sought information, advice or guidance on the cyber security threats facing their organisations over the past year, only 4% had consulted government or other public sector sources such as the police or regulators.

“British business need to realise there is an entire global cyber criminal economy that out earns the illegal drug industry in terms of revenue.

“Cyber programs need to wake up and adapt into a detect and response approach that places equal investments in prevention as it does detection of hackers,” said Paul Calatayud, chief technology officer at security company FireMon.

The full Cyber Security Breaches Survey is available here.

Scared of wasps and flying insects? Scientists use CRISPR gene-slicing technology to create “red-eyed mutant wasps”

In order to demonstrate that CRISPR gene-slicing technology can be used on even the smallest organism, scientists have created a strain of “red-eyed mutant wasps”

To produce the mutant wasps scientists from the University of California’s Riverside’s Akbari lab took eggs that are about a quarter the size of a grain of rice, injected them with components to mutate the DNA and put them inside a blowfly pupae (a type of cocoon).

Eventually the team also developed a protocol where genes that control the colour of the wasp’s normally black eyes were sliced.

The technique is challenging, said Omar Akbari, an assistant professor of entomology who led the research team, “but it is learnable. You need a really steady hand and it requires a lot of patience in micro manipulation that one can learn over time.

“You have to use a very-very fine needle and a microscope and individually inject hundreds to thousands of embryos, but in the end, we developed a protocol that can be used to cut the DNA in this organism and we showed that it works.”

Images courtesy of Akbari Lab

The purpose of developing a mutation in the wasps was to give scientists a new way of studying some of the wasp’s interesting biology.

Parasitic jewel wasps are capable of converting all their offspring into males by using selfish genetic elements.

By mutating certain chromosomes, the scientists will be able to identify genes that enable the wasps to kill female embryos, as well as allowing them to see how disrupting the wasps DNA affects the organism.

No one knows how that selfish genetic element in some male wasps “can somehow kill the female embryos and create only males,” said Akbari.

“To understand that, we need to pursue their PSR (paternal sex ratio) chromosomes, perhaps by mutating regions of the PSR chromosome to determine which genes are essential for its functionality.”

The scientists believe that their discoveries will, in time, provide a better understanding of the biology of wasps and other insects.

The research will also contribute to controlling insects that destroy crops or spread diseases like malaria.

As for the current batch of mutated scarlet-orbed wasps, they won’t be going away anytime soon.

The cuts in the DNA created mutant wasps with heritable traits, which means their red eyes will be passed down to all their offspring in the future.