How to detect cyber attacks early

Online fraud has now become the UK’s most common crime according to the annual Crime Survey of England and Wales (CSEW).

Cyber criminals stole £124m via the Internet in 2016 – a 1,266 per cent jump compared to 2015, according to the latest KPMG Fraud Barometer. A recent report by industry analysts Cybersecurity Ventures predicts cyber crime will only increase – costing the world £4.7tn by 2021. As many victims do not report incidents, even these figures could even be an underestimate.

Businesses and organisations that store personal and financial data of clients will not have the option of keeping an online security breach to themselves. From May 2018 the new General Data Protection Regulation (GDPR) will demand that security breaches involving other party’s data must be reported to the authorities within 72 hours of detection. Fines for a failure to do so can amount 4% of worldwide turnover or 20 million Euros.

Detecting website security breaches before the criminal steals the business data is a challenge for most businesses. It’s common for successful cyber attacks remain undetected by organisations for 6 months or longer.

So what can be done to detect cyber attacks early and avoid GDPR penalties? These 10 actions can provide a good basis in the early detection of cyber attacks, as well as mitigate the risk of penalties by showing a proactive and responsible approach to safeguarding users’ data:

Check your website regularly

A routine daily check for any odd changes to your website, such as new strange text appearing or PHP errors, can be giveaways of an attack.

Monitor website alerts regularly – Attack traffic usually has a very specific pattern to it and hacked sites often see dramatic spikes in traffic, so continual monitoring of a website alerts is recommended.

Use threat detection software – Leading products should be able to detect intrusions within minutes. It’s an investment well worth making.

Use a honeypot – Honeypots appear to be a legitimate part of a network containing valuable data, but they are decoys containing no useful information for cyber criminals. As soon as a honeypot has attracted the attention of the cyber criminal, a warning is triggered and the attack can be confronted.

Learn from the past to predict future attacks – Cyber criminals certainly learn from experience and for businesses that have been successfully attacked it’s worth using an otherwise painful episode to good use. Cyber criminals certainly do like to strike in the same place twice – and by the same methods. Pre-emptive action and monitoring based on past attacks can lead to quick identification of a security breach.

Train your employees – by keeping your team trained and up to date with cyber threats, they are much more likely to spot a threat and a lot less likely to click on a well crafted phishing email.

While the above actions will help reduce time in identifying a security breach it’s also worth spending resources preventing cyber attacks. Cyber criminals look for the most vulnerable websites. So simply installing the latest updates will reduce the chances of being hacked. Our own research based on 60,000 websites found that 78% are vulnerable to cyber attacks and the most common reason? Not installing updates.

Any organisation that wants to check its website’s vulnerabilities can do so here with a free scan.

By Benj Hosack, chief commercial officer at Foregenix

Join our free-to-attend digital event, Last Thursday in Privacy, addressing data protection, privacy and security challenges including working from home, COVID-19, global regulations and more. Visit

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.

Privacy Culture: Data Privacy and Information Security Consulting, Culture & Behaviour, Training, and GDPR maturity, covered.