top of page

Cybercrimes committed against businesses in the South East increase by more than 15% in last quarter

Sep 24, 2021

Between the period of April to June 2021, 69 businesses have reported being victims of cybercrime and of those most targeted were limited companies, charities, and sole traders. This is an increase of 17% compared to the previous quarter.

However, we know that cybercrime overall is underreported and the general trend for cybercrime reporting by businesses, has been downwards with an approximate 24% decrease in reporting from July to September compared to April to June.


Overall, for the previous quarter, the South East have accounted for 11.2% of all reported cybercrimes against businesses.


In this period, offences against businesses have experienced increases in several of the higher harm offence categories (Ransomware, Network Intrusion and Data Breaches). Of the 69 cyber-attacks reported, 27% of those were ransomware attacks.

However, email or social media compromise is still the most prominent cyber threat facing businesses, with 38 attacks in the last quarter.

Were there any industries or sectors identified as being particularly at risk in the last quarter? The education sector has been highlighted as a particular threat nationally. From March 2020 - July 2021, a total of 294 UK ransomware incidents were reported to Action Fraud, 46 of which involved the Education sector. This equates to 16% of the total number of ransomware incidents in this period.


In the period between April - June 2021, the South East region has seen 2 significant ransomware attacks impacting on schools. 1 being a university, whilst the other incident involved a Primary School. Sadly, evidence from the National Cyber Security Centre suggests that there is a particular type of ransomware campaign that is primarily targeting the education sector.


Who else has been affected? More generally, towards the end of Q4 2020/21 and start of Q1 2021/22, there has been a surge in ransomware attacks targeting SME’s in the region. The rise in reporting is likely to be a result of the work from home movement.


For cyber incidents that were either network intrusion, data breaches, DDos, ransomware or hacking, it was identified that the “Manufacturing industries” and “Professional, Scientific and Technical Activities” were the predominantly impacted industries.


Of the 7 companies classified as “Manufacturing industries”, 4 were linked to printing companies which could highlight a potential vulnerability within common products.


In July, Microsoft highlighted a vulnerability called PrintNightmare (CVE-2021-1675). This vulnerability enabled local privilege escalation which effectively gives people increased privileges and control over a device, creating security risks.


The other tops sectors that were impacted by attacks in the last quarter, included:

  • Manufacturing

  • Professional, scientific and technical activities

  • Wholesale and retail trader – repair of motor vehicles and motorcycles

  • Information and communication

  • Education

  • Health and Social Care

  • Financial and insurance activities

  • Real estate

What can I do to better protect my business and education establishment from ransomware and other cyber-attacks?

Ransomware is a malicious software designed to block access to a computer system, there are some simple steps you can take to help your business avoid falling victim to a ransomware attack.


To help the businesses and the education sector outsmart cyber criminals and toughen up their cyber security, the Cyber Resilience Centre for the South East (SECRC), has been established to provide businesses, schools, charities and third sector organisations, with an affordable way to access cyber security services designed to help improve cyber resilience.


We offer a free core membership to businesses in the South East, becoming a member will enable you to receive a welcome pack full of practical resources and tools, designed to help you identify your risks and vulnerabilities and the steps you can take to increase your levels of protection. Through your membership, you will also get regular updates on new threats, designed to help you stay safer.


Sign up via http://www.secrc.co.uk/membership or get in touch with us to receive a one to one consultation to see how we can support your business

Comments

NPCC
TVP Logo
Hampshire Police Logo
SEROCU logo
Surrey Police Logo
Sussex Police Logo
Cyber Essentials Logo
Cyber Essentials Plus Logo

The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of the South East Cyber Resilience Centre is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others.  Articles on the website cannot by their nature be comprehensive and may not reflect the most recent legislation, practice, or application to your circumstances. The South East Cyber Resilience Centre provides affordable services and Cyber Essential Partners if you need specific support. For specific questions please contact us at enquiries@secrc.police.uk.  The South East Cyber Resilience Centre does not accept any responsibility for any loss that may arise from reliance on information or materials published on this website.  It is not responsible for the content of external internet sites that link to this site or which are linked from it.

© 2022 - 2025 The South East Cyber Resilience Centre

Registered in England & Wales, No. 13263448 

TM

  • Facebook for South East Cyber Resilience Centre
  • LinkedIn for South East Cyber Resilience Centre
  • X for the South East Cyber Resilience Centre
  • Youtube for South East Cyber Resilience Centre
  • Instagram for South East Cyber Resilience Centre
  • RSS feed for South East Cyber Resilience Centre
  • Threads
bottom of page