Is Homegrown Cyber-crime the Next Big U.K. Security Threat?

ThreatMetrix report finds that nearly three-quarters of cyber-attacks come from inside the United Kingdom.


By Michael Moore

Far from keeping aware of threats from around the world, it seems that some of the biggest cyber-security threats facing British businesses, in fact, come from within the United Kingdom.

A report from security firm ThreatMetrix has discovered that nearly three quarters (72 percent) of attacks come from sources within the United Kingdom and Ireland, showing that the foreign menace isn't as bad as thought.

In fact, the second-largest proportion of attacks against British businesses actually comes from Mexico, where ThreatMetrix says there is evidence of "a growing cyber-criminal network," followed by Nigeria, Germany and the United States filling up the top five.


ThreatMetrix used data from over a billion transactions per month from some of the world's largest brands to construct the report, which also found that the growing home-grown cyber-crime epidemic is not unique to the United Kingdom and Ireland.

Ninety-three percent of the attacks taking place in China were found to be originating from within the country, with France (87 percent), Germany (81 percent), Italy (94 percent) and Russia (85 percent), also showing that hackers tend to look close to home when seeking a victim.

Of the threats detected, impersonation or "spoofing" attacks were named as the most common threat, including more than 11.4 million fraud attempts identified during the last peak Christmas shopping period at the end of 2014.

Mobile fraud proved extremely costly to British businesses last year, it was revealed, resulting in £2.92bn in lost orders. But the report also found that customers were also continually put off by over-complicated and lengthy authentication processes, leaving many to just abandon their purchases.

But such security does need to stay in place, with ThreatMetrix warning businesses to be particularly vigilant of users creating new accounts, which can often be done using stolen identities that can then be utilized for criminal purposes.

Mobile fraud has also become a more prevalent threat, with so called 'device spoofing,' where hackers imitate another smartphone or tablet with login access, now becoming the most popular attack vector.

"Trust is critical in an online commerce environment," said Tony Larks, ThreatMetrix's EMEA director of research and communication. "But nowadays this goes both ways as businesses need to be assured of a customer's legitimacy as well as vice versa.

"Organizations are taking a 'one size fits all' attitude to security and without taking a bespoke approach that looks at context and the history of these. Digital Identities, online retailers in the U.K. are in danger of driving their own customer base away and losing millions of pounds."