Printed from BusinessInsurance.com

Chinese firms hit by huge increase in cyber attacks: Survey

Posted On: Nov. 29, 2016 11:56 AM CST

(Reuters) — Cyber attacks on Chinese companies have soared in the past two years, according to a survey, with new technologies that connect household items to the internet and allow them to receive and send data seen as particularly vulnerable.

The average number of cyber attacks detected by companies in mainland China and Hong Kong grew 969% between 2014 and 2016. The number of attacks averaged more than seven a day for each of the survey's 440 China-based respondents — around half of the global average of 13.

However, the average number of attacks fell by 3% globally over the last two years, and 30% since 2015, in contrast to the rise in China.

China's rapid adoption of new consumer and industrial technology for the internet of things, or IoT, era may be part of the reason. PricewaterhouseCoopers L.L.P., which conducted the survey, said such connected devices are the leading targets of cyber attacks.

"IoT devices in general have not paid attention to cyber security," said Marin Ivezic, a partner on cyber security at PwC in Hong Kong.

"In China and Hong Kong ... we have more adoption than anywhere else in the world," he said, noting China was also one of the biggest manufacturers of these items.

Chinese-made connected home devices such as webcams with security loopholes that gave way to botnet malwares were blamed by security researchers for a massive cyber attack in the U.S. last month that temporarily paralyzed major internet sites.

The Chinese companies surveyed had cut their cyber security budgets by 7.6% in 2016 compared with flat global spending. Thirty-four percent of them identified competitors as a source of attacks, a rate higher than anywhere else in the world.

The PwC survey does not track the country of origin of the attacks, which Mr. Ivezic said is "almost impossible." The drop in the global number of cyber attacks did not reflect a safer environment, he said, but was rather the result of more sophisticated cyber criminals who were more selective in who they targeted.