BBC fends off almost 50 million email attacks in four months
Official figures show that the BBC fends off an average of 383,278 email attacks every day and faced nearly 50 million in total between October 2021 and January 2022.
Technology Magazine asked Steve Bradford, Senior Vice President at cyber security firm SailPoint and Dan DeMichele, VP, Product Management for freemium password manager LastPass for their views on what this means for national security in the UK, and beyond.
Robust measures at top organisations to deal with rising threat
Attacks on high-profile media organisations have been sent soaring due to the amount of sensitive intelligence they gather for investigations. Bradford and DeMichele, united in their fight against this threat, consider why it is critical that organisations ensure they have robust cyber security measures in place in order to spot unusual, suspicious behaviour well before a breach occurs.
Reflecting on the high figures at the BBC, Bradford said: “No industry is untouchable when it comes to cybercrime. Attacks on high-profile media organisations have been sent soaring due to the amount of sensitive intelligence they gather for different investigations. That the BBC has fended off almost 50 million cyber attacks in just four months shows how just how intensely cyber criminals are operating in order to get what they want."
DeMichele added: "The latest wave of cyberattack attempts is a powerful reminder of their increasing sophistication. Driven by the pandemic with more staff than ever working in a hybrid environment, in our heightened cyber threat landscape there has been a significant rise in attacks. The message is clear – everyone needs to be prepared."
Bradford states that “to manage these risks effectively, organisations must ensure they have robust cyber security measures in place - not just increasing training and awareness for staff to spot threats like phishing scams, but also investing in technology like identity security to manage who has access to what, and when. This is crucial to spotting unusual, suspicious behaviour and dealing with threats well before a breach occurs.”
Human error is unavoidable
According to DeMichele, To help keep credentials out of the hands of cybercriminals, organisations can start by educating employees to know what to look out for, and how to spot the signs when something looks slightly off.
"Using caution across all channels, reviewing email addresses and trusting gut instincts are the first step in ensuring an organisation remains safe from cyber-hackers. If an employee is concerned about anything that crops up, they should reach out to the security or IT team for help. However, human error is unavoidable and these types of phishing attempts try to evade human detection. Luckily, a password manager does more than generate and store unique and long-character passwords, they help flag phishing websites too. If you own a password manager that automatically fills credentials, but only on the URL stored in their vault, employees can rest assured that their password manager will not log them into a site if the URL does not match.
DeMichele says the lesson here is: “Cybercriminals are always looking for ways to get hold of data: don’t make it easy for them.”