Corporations are increasingly vulnerable to illegal hacking warns a new report

Corporate IT systems are increasingly vulnerable to illegal hacking by cyber-criminals intent on gaining access to sensitive information and disrupting the normal flow of business, security experts warned.

The threat, which the recently launched UK national cyber security strategy is seeking to tackle, is heightened by the recession as criminals are more likely to commit acts of fraud and e-espionage, said PricewaterhouseCoopers LLP.

In its latest report PwC suggests that cyber criminals are launching increasingly sophisticated attacks to gain access to sensitive data held by governments and companies.

Foreign states are sometimes believed to be responsible. China is believed to be behind a number of cyber attacks against America and Britain. According to reports, the People’s Liberation Army prepared plans to disable America’s aircraft battle carrier fleet through cyber attacks. But the covert nature of most of these activities means that it is very hard to establish where they come from.

If cyber-criminals do gain access to critical business systems, the impact for them could be disastrous. Companies could see their products reverse-engineered without their knowledge, for example. A criminal seeking to undermine an organization could also modify financial, regulatory or safety data, warned PwC.

“These criminals are smart, well-funded and adept at covering their tracks.

William Beer, director, OneSecurity, PwC

The growing use of outsourcing can also increase the vulnerability of companies as criminals seek the weakest link in firms cyber armour.

William Beer, director, OneSecurity, PwC, commented: ‘These criminals are smart, well-funded and adept at covering their tracks.’

Companies have yet to grasp the enormity of the threat, said PwC. ‘Many organisations are still in the dark about if or how many times they have been the target of a cyber attack,’ added Beer.

The report suggested important actions that companies should take to assess the level of the threat and create an effective strategy to manage the risks.

See also: UK launches first cyber security strategy