One in three of the UK's biggest companies has suffered hacking attempts on their websites in the last year, a government-sponsored survey has revealed.

According to the 2004 Department of Trade and Industry biennial Information Security Breaches Survey, conducted by a consortium led by PricewaterhouseCoopers (PwC), four per cent of enterprises - four times as many as two years ago - said their systems were penetrated last year.

The survey of 1,000 companies found that three quarters of businesses that reported system penetration rated it as their worst security incident of the year (worse than, for example, virus infections), with more than a third describing the impact as 'very serious'.

Main concerns were not so much financial loss or service disruption but the time spent on investigation and remedy, with a quarter of respondents admitting that these processes took between two and 10 man-days of effort.

"A lot of the time hackers take over an individual account and use it to store material or investigate the system further," Chris Potter, partner at PwC, told vnunet.com.

"The time [is spent] in tracking down exactly where they've been."

Firewalls remain the main prevention tool, with more than three quarters of businesses deploying one. But in half of the cases a firewall was their only protection. Another 12 per cent of those surveyed admitted to having no protection at all.

Despite this, businesses remain largely satisfied with the effectiveness of their prevention measures; 72 per cent expressed confidence in their ability to detect or block security breaches.

But the report warned that such confidence could be misplaced. It found that many organisations do not test their network security, although larger firms tend to use more tools to scan their systems for vulnerabilities.

"The survey findings point to a real concern that businesses without the right monitoring and intrusion prevention processes in place may have a false level of comfort," said Andrew Beard, advisory services director at PwC, in a statement.

"Scanning and hacking activity may not be detected until it is too late to react."

Firms may also lack the expertise to identify where hackers have been following an attack.

"We've seen an increase in the number of people who have the basic knowledge to do this within large enterprises, but within SMEs it's a skills-set that is difficult to find internally and expensive to buy in externally," said Potter.