Unseen and unreported: extortion more common than data theft as diversity of cyber-attacks laid bare

New figures from Grant Thornton reveal that extortion and blackmail are more common forms of cyber-attack on businesses than theft of data or intellectual property

This comes as the volume of attacks globally has risen sharply over the last 12 months. According to Grant Thornton, the findings lay bare the diversity of the threat to businesses today and the breadth of the response needed to remain resilient.

Grant Thornton’s International Business Report (IBR) finds that nearly one in four businesses worldwide (21%) have faced a cyber-attack over the last 12 months. This compares to 15% who said the same a year ago.

Grant Thornton’s research reveals that the proportion of businesses suffering cyber-attacks has increased sharply in the developed economies of North America (18% last year to 24% this year) and the European Union (19% to 32%), as well as in Africa (10% to 29%) and Asia Pacific (9% to 13%).

Of those who were attacked, the most common form of cyber-attack cited was damage to their business infrastructure (cited by 22% of firms). But other forms of cyber-attack experienced include using blackmail or extortion to obtain money (17%), a more common occurrence than theft of customer financial details (12%) or theft of intellectual property (11%).

Paul Jacobs, Global leader – cyber security at Grant Thornton, commented:
“Blackmail and extortion is traditionally seen as an ugly form of financial crime. But in the online world it is incredibly organised. It may come as a surprise that more businesses have faced extortion or blackmail than a direct theft by online criminals, but this reflects an unwillingness among victims to publicise their involvement in this sort of cyber-attack.

“These online extortion attempts, whether malware or denial-of-service based, tend to be high volume with a lower average financial impact. However, organisations will experience a larger financial loss on their business from reputational damage, theft of customer details, theft of intellectual property, and potentially physical or infrastructural damage.

“Whatever form cyber-attacks come in though, for businesses today it’s a question of when rather than if. Building cyber resilience must therefore be a company-wide priority. Yes, strengthening defences to prevent attacks occurring is vital. But it doesn’t end with pulling up the drawbridge. Firms which overlook being mobilised and ready to respond to attacks after they have occurred do so at their peril. That preparedness needs to be multifaceted, too. Simply guarding against one form of attack won’t cut it.

“There needs to be urgency and proactivity among business leaders as they formulate plans to deal with cyber-attacks. One critical element is understanding the value of the data they hold, and making sure the most important data - that which would cause most damage if compromised - is properly protected.”

The IBR findings also reveal that globally, of those business leaders who have faced a cyber-attack in the last 12 months, nearly one in eight (13%) only realised the attack had occurred more than a week after the event. For 4%, it took longer than a month.

Paul Jacobs added:
“Too many businesses are spotting cyber-attacks too late. That is a real danger. They may have strengthened firewalls or obtained cyber insurance, but if attacks are not spotted quickly, firms could well find circumstances are out of their control.

“It will take investment to minimise damage when the inevitable occurs. Knowing when you’ve been breached is an essential part of that. Businesses that cannot identify attacks promptly run the risk of heavy financial consequences. Damaging reputational fallout, in the shape of eroded trust among customers and other stakeholders, is also a real possibility.”

– ends –


For further information please contact:

John Vita
Grant Thornton International Ltd
T +1 312 602 8955 | Fax +1 312 565 4719
E John.Vita@gti.gt.com

Notes to editors

The Grant Thornton International Business Report (IBR), launched in 1992 initially in nine European countries, now provides insight into the views and expectations of more than 10,000 businesses per year across 37 economies. More information: www.grantthornton.global

Questionnaires are translated into local languages, with each participating country having the option to ask a small number of country-specific questions in addition to the core questionnaire. Fieldwork is undertaken on a quarterly basis, primarily by telephone. IBR is a survey of both listed and privately held businesses. The data for this release are drawn from interviews with more than 2,600 chief executive officers, managing directors, chairmen or other senior executives from all industry sectors conducted in July through September 2016.