A London listed company lost £800 million as a result of a state-backed cyber attack, according to the director general of the UK’s security service Jonathan Evans.
The loss stemmed "not just through intellectual property loss but also from commercial disadvantage in contractual negotiations", he said.
Evans made the claim in the Lord Major of London’s annual security lecture yesterday, in which he warned that businesses are as much the target of state-back cyber attacks as government organisations.
"The front line in cyber security is as much in business as it is in government," he said. "What is at stake is not just our government secrets but also the safety and security of our infrastructure, the intellectual property that underpins our future prosperity and the commercially sensitive information that is the life-blood of our companies and corporations.
"And the threat to businesses relates not only to major industrial companies but also to their foreign subsidiaries, and to suppliers of professional services who may not be so well protected."
At last week’s Enterprise Security 2012 event, Henry Harrison, technical director at BAE Systems Detica, said that state-backed cyber attacks designed to steal intellectual property or commercially sensitive information are not uncommon.
Most work by fooling employees into clicking a malicious link or downloading malware attachments, he said, and many are extremely sophisticated. One attack worked by compromising an angling website that the executive at a company was known to visit frequently.
Harrison observed that state-backed commercial espionage is nothing new, pointing to historical examples such as Robert Fortune, a botanist who stole the secret of making tea from China after striking a deal with the East India Company.