UK businesses must adopt longer passwords to tackle rise in Russian cyber-attacks, experts warn

Businesses are being urged to increase the length of online passwords amid growing fears of a surge in cyber-attacks.

Following a series of high-profile attacks by pro-Russian hackers on the FBI website and Australian private health insurance giant Medibank in recent weeks, many of the UK’s biggest banks are believed to have begun bolstering their digital defences to protect against criminal activity.But with an estimated 90% of British businesses still vulnerable to online attacks, cyber experts are urging firms struggling to finance major upgrades to take action by increasing the length of their passwords.

Leading UK IT services provider and leading cyber security specialist Linten Technologies said adding just one extra character could be the difference between losing critical access to company files and being alerted before cyber criminals gain access.

Linten Technologies CEO and founder Steven Allan said it was imperative firms acted now by strengthening their passwords before it’s too late.

“There is a real danger that UK businesses won’t be ready for what could have a devastating impact on their operations,” he said. “Without huge investment in cyber security, many companies will need to adopt alternative approaches.

“Passwords are undoubtedly the cyber security gatekeepers for most firms. It is vital that these are robust so, if an attack happens, they effectively act as a first line of defence before hackers gain access.

“Research has shown that by simply adding one extra letter, digit or symbol to a password can make all the difference.“Typically, a 10-character password can take hackers just 26 minutes to break, whereas a password with 11 characters can take about three days.

“The world of cyber is rapidly evolving. Previously, eight-12 characters were typical password lengths, but now between 10-18 – and sometimes 16-24 – are increasingly becoming the standard.”

The stark warning follows a number of high-profile attacks by alleged pro-Russian hacktivists.

As well as the FBI attack earlier this month, Medibank customer data related to claims for mental health treatment was posted on the dark web by a hacker group aligning itself with Russia.

The group said it would not have shared the information if a ransom had been paid.

It is feared that the UK’s continued support for Ukraine in its war with Russia could spark a virtual invasion on home soil.

This is likely to increase concern among British firms already struggling with a surge in cyber crime over the last year.

According to the Government’s annual Cyber Security Breaches Survey, 31 per cent of businesses and 26 per cent of charities identified a cyber-attack at least once every week – an increase from 27% of businesses and 23% of charities in the previous year.

Allan, who launched Linten Technologies in 1999, said making small and cost-effective changes to cyber defences will make it significantly more difficult for hackers to breach a network.

“We always advise clients to stay well away from common password types such as ‘password123’ or the names of loved ones,” he said. “These are very easy to penetrate and will not provide the level of protection needed in the coming years.

“It is recommended to incorporate a password with three random words that is hard to figure out.

“Just a few password tweaks can make a real difference in protecting business assets and identifying attacks before security is completely breached.”