Every single British company in the top FTSE 350 list is vulnerable to cyber-attacks from “economic terrorists” who could defraud or inflict reputational damage on them, according to a KPMG security analysis.
In an extensive report by the firm’s Cyber Response Team on the security arrangements of the largest 350 companies on the London Stock Exchange, each company was found to have left sensitive data available online which could be exploited by hackers. On average, each firm had 41 usernames, 44 email addresses and five sensitive internal file locations leaked online.
Over half (53%) of the firms did not have up-to-date security patches or were using old software, leaving them vulnerable to attack.
Martin Jordan, head of cyber response at KPMG, told the Huffington Post UK: “The bad guys pick up the digital detritus leaked by companies to the internet and use it to break in.”
“There are certain groups in the world like foreign terror cells and intelligence agencies who are currently doing this but don’t want to be publicized.”
“More and more these attacks are becoming overt and causing disruption. What will happen if somebody does decide to take out half the internet in the country in an act of economic terrorism?
“We’ve all built big castles with big moats and piranha fish to keep the guys out in the cyber world, but the bad guys are just outside lobbing flame arrows over the walls."