Since the advent of the most rudimentary technology, criminal activity has followed. And in more recent times, the internet certainly has been no stranger to criminal enterprises. Indeed, governmental entities, companies and individuals are falling victim to all sorts of cyber-crimes on a constant basis. A look at just one criminal target drives home the rampant nature of online attacks.
Brace yourself for this – the City of London Corporation suffered almost one million cyber-attacks monthly for the first quarter of 2019, based on information obtained by Centrify as reported by info security-magazine.com. That indisputably is a phenomenal number of attacks on the local authority which oversees capital housing for a good portion of the financial center in London.
In total, the City of London Corporation endured practically 2.8 million attacks during the subject time period, averaging 927,000 per month. And the trend is troubling, as this represents a 90% increase from the preceding quarter, last quarter of 2018.
The largest category of attacks were classified as spam, which can be burdensome, but fortunately, often may not result in significant damage or harm.
The second largest category was attributed to “spoof mail,” likely relating to phishing efforts.
There were also a large number attacks referred to as “top malware.”
On the one hand, the sheer number of attacks is of concern, especially the sharp upward trend. On the other hand, it is positive that at least the attacks are being detected.
Nevertheless, the City of London Corporation houses sensitive information within its systems and databases, and like other government entities and companies maintaining sensitive information, is a target by cyber-criminals. While phishing and malware at first blush might not sound so troubling at first blush because they do not necessarily get the headlines like a distributed denial of service attack that shuts down a web site, the mass scale of such attacks can result in significant collective harm.
The challenge is to stay ahead of cyber-criminals by putting security and detection technology measures in place and to keep updating those measures as cyber-criminals continue to become more sophisticated and adept in the criminal practices.
Eric Sinrod (@EricSinrod on Twitter) is a partner in the San Francisco office of Duane Morris LLP, where he focuses on litigation matters of various types, including information technology and intellectual property disputes. You can read his professional biography here. To receive a weekly email link to Mr. Sinrod’s columns, please email him at firstname.lastname@example.org with Subscribe in the Subject line. This column is prepared and published for informational purposes only and should not be construed as legal advice. The views expressed in this column are those of the author and do not necessarily reflect the views of the author’s law firm or its individual partners.