Cybercrime Costing UK Business Billions
Tue February 24, 2004 09:18 AM ET
By Bernhard Warner,
European Internet Correspondent

LONDON (Reuters) - Cybercrime cost British companies hundreds of millions, and perhaps billions, of pounds in lost business last year, and the next wave of Internet attacks is likely to be more severe, a conference heard on Tuesday.

In a police survey of 201 of Britain's largest companies, 83 percent said they had experienced some form of cybercrime in 2003, costing more than 195 million pounds in business downtime, lost productivity and perceived damage to their brand or share price.

Whilst it is too early to put an accurate figure on the total financial impact for UK businesses, all the indicators suggest that we are talking about billions rather than millions, Len Hynds, head of Britain's National Hi-Tech Crime Unit (NHTCU), said at the e-Crime Congress in London.

The crime wave's biggest target was the financial sector. Three UK financial services firms, which the NHTCU declined to name, reported cybercrime-related damages totaling more than 60 million pounds last year.

A relatively new crime hitting the sector is known as phishing where fraudsters send dubious e-mails or create spoof Web sites hoping to entice users to hand over their credit card or banking details.

Most major UK banks have been hit by the scam, including Barclays, Lloyds TSB and NatWest. Hynds said 50 UK businesses reported they were the victim of phishing attacks last year.

EASTERN EUROPEAN AND ASIAN CRIME GANGS

Police blame organized crime gangs, particularly those in Eastern Europe and Asia, as the biggest culprit for the outbreak.

Cybercrime has grown in parallel with the rise of online commerce, creating a major headache for police trying to tackle a criminal force that is difficult to trace.

The NHTCU said that of the companies hit by cyber-crime, less than one-quarter reported the matter to police. But, he added, two years ago no companies were reporting the matter for fear public disclosure would harm their business reputation.

David Aucsmith, chief technology officer for Microsoft Corp's security business and technology unit, said the next wave of digital attacks would be nastier.

He predicted cyber criminals will attempt to target banking systems, company payroll and business transaction data to intercept vast sums.

The future targets will be much more significant because they will represent true theft, Aucsmith said.

Other findings of the survey include:

Seventy-seven percent of respondents said they were the victim of a virus attack, costing nearly 28 million pounds.

Criminal use of the Internet, primarily by employees, was reported by 17 percent of firms at a cost of 23 million pounds.

More than a quarter of firms surveyed did not undertake regular security audits.
Source: Reuters