Scottish Business Resilience Centre warn businesses to step up their cyber security


FOUR out of five Scottish businesses have had online security breaches so far this year, new figures show.

A report from the Scottish Business Resilience Centre (SBRC) found 81% of large organisations and 60% of small businesses in the UK have fallen victim to hackers.

And experts from the Cyber Security Consultant at SBRC warned that criminals are bypassing security measures by targeting the “cyber supply chain” of companies.


Suppliers are usually smaller companies working for large organisations and with less stringent IT security measures in place – presenting an easy target to hackers.

Oren Benshabat, Cyber Security Consultant at SBRC, said: “The cyber supply chain includes operations involving information and communication technologies, software distribution and operations within the cloud which is the backbone of today’s digital economy.”

He added: “Hackers who get into a company’s network could bring a business to its knees with just a few clicks of a mouse.”

Mr Benshabat said companies in the energy sector have recently been under attack from a group of hackers known as the “Dragonfly Group”.

He said: “This group hides malware inside files on websites commonly used by the energy sector, which are downloaded by unsuspecting employees.

“Once this malware infects a system it will steal confidential files and data and send it back to the hackers.

“This group finds the soft underbelly of its targets by compromising their suppliers which are invariably smaller, less protected companies.”

In May, global management consulting firm McKinsey & Company warned the economic costs of cyber crime could run into trillions of dollars.

The company said there would be “large negative economic implications” if businesses did not improve their security defences.

A report by American telecommunications company Verizon in April this year found a large increase in incidents of cyber crime across the 95 countries it analysed – with over 63,000 security incidents recorded across the last year.