In This Threat Report

The UK cyber threat landscape has escalated. In this, our fourth UK threat report, we find that attack frequency and sophistication have reached unprecedented levels; 98% of security professionals said the volume of attacks they faced has increased. The increase in attack volume has jumped from 84% in October 2019 as attackers employ a more diverse range of tactics and techniques than ever before in a bid to extort, disrupt and infiltrate organisations.


The considerable leap in attack frequency and sophistication revealed in this iteration of the report shows that, however fast UK businesses may be adapting to the intensifying environment, the cyber threat landscape is evolving faster. 96% of security professionals say attacks have become more sophisticated, 39% of those say they have become significantly more advanced, an increase on the 28.5% that noted an increase in attack sophistication in October 2019.

96% of security professionals say attacks have become more sophisticated.

Third Party Breach Risk On The Rise

In addition to the general escalation in intensity, this report reveals a shift in the causes of successful breaches. OS Vulnerability was the top cause of breaches with 15.5% closely followed by Island hopping with 15%, despite only featuring in a small percentage of attacks experienced, together with third party applications. Furthermore, 6% of breached businesses had been compromised via their supply chain. Clearly, the extended enterprise ecosystem is generating considerable security concerns.

A Complex, Crowded Environment

Respondents are already operating an average of more than nine different consoles or agents to manage their security program. This indicates a security environment that has evolved reactively as security tools have been bolted on to tackle emerging threats, not built-in. This has resulted in siloed, hard-to-manage environments that hand the advantage to attackers from the start. As the cyberthreat landscape reaches saturation, it is time for rationalization, strategic thinking and clarity over security deployment.

Island hopping, despite featuring low in attack type experienced, was a prime cause of breaches.

All but one of our survey participants anticipated an increase in spend.

51% say they will need to increase security spending on cybersecurity programmes.

The Impact Of COVID-19

The sudden global shift to homeworking due to COVID-19 has both increased cyberattack activity and exposed some key areas for security teams to address and learn from going forward. Our COVID-19 research has found that the predominant gaps identified in disaster recovery planning revolve around communication with external parties such as customers, prospects and suppliers, as well as challenges enabling the remote workforce and communicating with employees.

Survey Sample: What Has Been The Most Prolific Type Of Cyberattack Your Company Has Experienced In The Last 12 Months?

Custom malware tops the table again, with a quarter of respondents seeing it as the most frequent attack type (up from 21% last time). Commodity malware has seen a 6% jump from last time, comprising 16% of the attacks faced.

The frequency of process hollowing attacks has quadrupled from 3% to 12% since October 2019, indicating a growing attacker focus on gaining undetected access to networks. Also appearing on the attack radar for the first time is island hopping, seen in 6% of incidents. While this figure may seem low, these types of attacks are proving effective, as later analysis shows.

Interestingly ransomware has dropped from the second most-frequently experienced attack to 9th on the list, comprising just 5% of attacks compared to 15% in October 2019.

Financial services are at the mercy of custom malware with 47% saying this was the most frequently experienced attack type (compared with an average of 25%).

Manufacturing and engineering company respondents were proportionally more affected by commodity malware, with 26% experiencing it most frequently compared with an average of 16%.

Nearly half of those surveyed reported very significant gaps in terms of the effectiveness of their disaster recovery planning around communication with their external parties.

Nearly half of those surveyed reported very significant gaps in terms of the effectiveness of their disaster recovery planning around communication with their external parties.

Download the Complete Report Now