There’s an unceasing wave of attacks against computers and servers, and cyber security services have never been more essential.

Share this Blog post

The digital world has opened up vast opportunities for businesses, allowing companies to scale-up at speed without high costs and tap into markets at home and right around the world. It lets staff work from wherever they want, and even entire enterprises can be remote and work from different countries. But the ease and advantages often come at a cost because the threats of cyber attacks and other nefarious activities online are all too real, crippling companies large and small and causing them untold misery as well as putting them at risk of sizeable fines. 

Cyber attacks are so common and widespread that the former head of Cisco, John Chambers, has said: “There are two types of companies: those that have been hacked, and those who don’t yet know they have been hacked.” It is happening all the time with hackers trying to gain entry to all kinds of systems and steal their data, aiming to sell it on or hold the company to ransom for enormous sums. 

And it’s such a pervasive and unrelenting problem that it's been estimated that cybercrime will cost companies $6 trillion by 2021 globally, a doubling of losses and damages at the hands of online criminals in 2015 — and UK firms are among those that are the worst-affected financially

According to IBM's Cost of a Data Breach Report 2020, the global average total cost of a cybersecurity incident in 2020 is $3.86 million — it typically takes 280 days for firms to realise they're being attacked and to try contain it (that's around nine months). 

Then there's the reputational damage that cyber-attacked firms suffer, as customers wonder if their data will ever be safe with them again, not to mention fines that can be astronomical for failing to protect personal information stored and used digitally. In the UK and across Europe, penalties fall under the General Data Protection Regulation, which sets out a maximum fine of €20 million (£18 million) or 4% of annual turnover — whichever is larger — for data breaches. 

Common Cyber Attacks

The need for vigilance and robust cyber security services has never been greater, and the different ways that criminals aim to get hold of companies' data, as well as trying to disrupt their operations, are growing. Here are some of the most common.


One malicious way that people or groups try to extract information — and cash — from companies is to deploy malware, which is a broad term covering everything from viruses to worms, spyware and more. These pieces of destructive software are typically unleashed when someone clicks on a link or attachment in an email sent to them, and then they bore into the system and spread all around it. They can be hard to locate and kill off, especially if they're new and antivirus or antimalware scanning software hasn't yet been updated to detect and destroy them. Malware can do various things in a system, including sending information from a hard drive, blocking accesses to parts of a network and making the system inoperable — at which point you might receive a hefty ransom demand to unlock it. 

Denial-of-Service Attack

When hackers want to bring a network to a halt, they frequently opt for a denial-of-service (DoS) attack. They're not aiming to steal any data, but to disrupt operations so that most people are unable to gain access to their online offerings. It's carried out with an army of computers — some of which may have been unwittingly commandeered or hijacked (“zombie computers”) — so that too much traffic is sent to servers at once and they typically crash. Reasons for carrying out such attacks are often political and also due to hacktivism, and many companies that are hit believe it's their competitors behind them. 


Another common cyberthreat is phishing, which can seem similar to malware. It usually involves a criminal sending an email that resembles official mails from an institution like a bank, complete with its logo, font, style of writing and other elements designed to hoodwink the recipient into thinking it's real. Most often, with phishing, criminals are looking for credit-card details and passwords, and they may get them if you click on a link contained in the fake email. They can be hard to recognise as attacks because they're trying to dupe you into thinking it's something urgent you have to do — for example, to protect your bank account when the opposite is happening. 

Man-in-the-Middle Attack

A man-in-the-middle attack happens when a cybercriminal breaches communications between a user and a server and steals information. They most frequently occur when using unsecured wifi connections, such as those that are available for free at cafés, airports and other public places, and the user will be unaware that the attacker is accessing their data. Such attacks also involve criminals installing software on the victim's computer that's used to find and steal personal information. One way to avoid man-in-the-middle attacks is to never use public wifi.

Drive-by Attack

Also known as a drive-by download, a drive-by attack is where criminals can access a vulnerability in a website and install malicious code. It's so named because there's nothing to click on to activate the code so that it installs on your hard drive — just visiting and looking at a webpage is sufficient to cause infection, and you have no idea it's happening as you scroll down. Ways to prevent drive-by attacks from happening include updating your browser and any plug-ins you use and never using out-of-date operating systems. 

SQL Injection

This type of cyber-attack happens when someone inserts or "injects" malicious code into an SQL database storing large amounts of information. The criminal can then read the data and do a number of other things, possibly even taking control of some elements of the operating system by using various kinds of commands. Hackers may alter the data, by changing transactions and balances, and they can also encrypt the database information so that a company can't use it or threaten to destroy it — in both instances, they most likely will issue a ransom demand. 


These are just some of the cyber-attacks playing out every day. Others include password, eavesdropping, birthday and cross-site scripting attacks. It’s a lot for one company or organisation to keep up with so they don’t fall victim and suffer reputational and financial harm — twice, once at the hands of cybercriminals and again due to official fines. 

It's a sure bet that hackers are dreaming up ever more elaborate attacks and scams, meaning no company can afford to go without the best cyber security services they can get. 

How We Can Help

Stay on top of the latest cybersecurity threats to your network by getting a free consultation with the experts at ITRM today and ensuring you’re as secure as possible.

Share this Blog post

Related Articles

Our top tips on improving security for the new remote workplace

Our top tips on improving security for the new remote workplace

Having been forced to implement quick changes to the way we previously worked due the current pandemic, many businesses managed security in the moment. Now is the time to revisit your IT security and here are some key considerations...

1st March 2021
Security in a remote workforce: Your staff are working remotely, but are they working securely?

Security in a remote workforce: Your staff are working remotely, but are they working securely?

With very little notice, many UK businesses were required to support employees to work from home wherever possible. For most, this shift has been successful but the rush in doing so has left gaps in their IT security.

18th February 2021
Visit our blog for more articles like these
Find Out More

Do you have any questions about our services?

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.


Let us know you agree to cookies

We use cookies to give you the best online experience.