City of London bombarded with one million cyber-attacks every month

Cyber security experts have warned of the growing risks that hackers pose to councils after official data reveals that the City of London Corporation has is attacked with malware and viruses nearly one million times per month

by Patrick Sullivan, Political Editor on 23 August 2019 11:19


The City of London Corporation has been targeted by nearly one million cyber-attacks each month for the first quarter of 2019, according to Freedom of Information (FOI) data obtained by Centrify. The data revealed that the governing body was hit by nearly 2.8 million attacks in the first three months of the year, which equated to an average of 927,000 per month.

The attacks have risen significantly from the 489,000 per month recorded in April-December 2018. In total, the City of London suffered 7.2 million attacks from April 2018 to March 2019, of which, the vast majority - 6.9 million - were classed as spam. The second highest category was “spoof mail,” at 244,293 attacks, likely related to phishing attempts.

There were also 17,556 detections of “top malware.” The findings could either be interpreted as a worrying rise in attacks, or proof that detection methods are getting better.

As well as 10,000 residents, the City of London welcomes millions of annual tourists thanks to attractions like the Tower of London and hundreds of thousands of daily commuters who work in one of the world’s biggest financial hubs.

“The high volume of sensitive public information contained within the systems and databases of organisations like the City of London Corporation make it a top target for cyber-criminals. Malicious email scams such as phishing and malware attacks form a substantial part of the wider cyber threat facing councils across the country, in London and beyond,” warned Centrify VP, Andy Heather.

“With so many attacks taking place every day, it’s vital that all organizations adopt a zero trust approach to user activity, to prevent hackers gaining access to council systems using legitimate log-in details that may have been stolen or purchased on the dark web.”

blog comments powered by Disqus