All FTSE 350 Firms 'At Risk Of Cyber Attack'

All FTSE 350 Firms 'At Risk Of Cyber Attack'

Every British company in the FTSE 350 list is vulnerable to cyber attacks from so-called economic terrorists which puts national security at risk, experts have warned.

The top firms on the London Stock Exchange are leaking crucial data that could be used by hackers to steal secrets and damage both businesses and the wider economy, according to a study by accountancy firm KPMG.

It found every single company left a trail of sensitive material online and revealed firms in the aerospace and defence sectors left themselves most exposed to an attack.

Martin Jordan, head of cyber response at KPMG, warned flaws in web security could ultimately threaten public safety.

"What our research has shown is that companies do not have full control of their web presence at a time when cyber security has been turned upside down," he said.

"Hacking is no longer about a few hacktivists. Now, hacking has become automated on an industrial scale - often with state sponsored agencies behind it - and attackers are aiming for an increased competitive edge by stealing company secrets."

The KPMG study found each firm leaked an average of 41 usernames and 44 email addresses.

"Our findings send out a clear message to business," Mr Jordan added. "While the internet may be a shop window to the world, it can also be a substantial security risk. FTSE 350 companies should accept that cyber threats are real.

"Protecting their networks is not just about self-interest. It is about safeguarding the economy and, in the case of critical national infrastructures, it is also about the safety of the population."

Cyber experts simulated the steps a fraudster might take to get inside the FTSE 350 companies. Their research was conducted using data available in the public domain and without breaching security, KPMG said.

It revealed aeronautical and defence firms leaked the highest number of internal email addresses - a fundamental component used in phishing to gain unrestricted access to a company's network.

Companies in the support services sector and the software and computer services sector were among the most vulnerable, KPMG said.

Other findings showed 53% of the FTSE 350 firms did not have up-to-date security or relied on old server software.

Ross Parsell, of defence firm Thales UK, said the report underlined a "high level of naivety" about cyber security among businesses.

"The consequences of cyber attacks are now so severe that cyber defence must become a board room discussion," he said.

American officials have long complained of cyber attacks emanating from China, with one security firm pinpointing a military building allegedly responsible for attacks.

However, since then former National Security Agency (NSA) analyst Edward Snowden claimed that the US was involved in widespread surveillance of the internet, email, text and voice calls globally, along with an offensive cyber programme.

:: According to cyber experts, the US remains the world's largest producer of commercially available spyware and covert software.

Our goal is to create a safe and engaging place for users to connect over interests and passions. In order to improve our community experience, we are temporarily suspending article commenting