
UK “Hardest Target For Cyber Crime”

There were 188 high-level cyber attacks in the UK between October 2017 and January 2018, as dangerous and sophisticated attacks against both the government and businesses become more common. This figure comes from the National Cyber Security Centre (NCSC), the recently opened arm of intelligence agency GCHQ.

Part of a £1.9 billion five-year strategy by the UK government, the NCSC started work in October and is headed by Ciaran Martin, the former director-general cyber of GCHQ.

“We have had significant losses of personal data, significant intrusions by hostile state actors, significant reconnaissance against critical national infrastructure – and our job is to make sure we deal with it,” Martin told the BBC.

With attacks against political parties occurring across Europe, there is plenty of pressure on governments to react. Italy and the Czech Republic have both recently confirmed breaches of their foreign ministries, and there are concerns that political parties in France, Germany, the Netherlands and Bulgaria have also been targeted. This all comes after the continued and much-publicised accusation by US intelligence agencies that Russia interfered in the 2016 presidential election – a breach that was spotted by GCHQ.

“We want to make the UK the hardest target,” Martin said.

Ties to government and business

The government and the private sector will have a lot invested in the NCSC, as the UK’s digital sector is estimated to be worth over £118 billion a year. As such, the NCSC will have links to both its parent body, GCHQ, and to private businesses.

Martin announced that informal contact had been made with GCHQ, with the two organisations set to share the intelligence agency’s skills and capabilities.

The NCSC is also expected to work informally with private businesses. Speaking at the centre’s opening, Chancellor Philip Hammond said that businesses will be invited to “second up to 100 employees to come and work in the NCSC – allowing us to draw on the best and brightest in industry – to test and challenge the government’s thinking”.

Hammond said that he hopes those people return to the private sector and draw on their experience, warning that government alone cannot protect businesses and the general public. “It has to be a team effort. It is only in this way that we can stay one step ahead of the scale and pace of the threat that we face.”

Cyber Incident Response with Cyber Security Helpdesk

To protect against cyber attacks, all businesses should have an effective information security management system (ISMS) in place. ISO 27001 is the international standard that describes best practice for an ISMS. It covers people, processes and technology, recognising that information security is not about technology alone.


Internet Of Things – Household appliances vulnerable to hackers

An article in the Daily Telegraph today highlights the potential cyber and data risks that are inherent in certain “smart” household appliances.

Mike Barton, the Chief Constable of Durham Police and the national lead on crime operations, has warned that consumers who purchase internet-enabled devices such as televisions, refrigerators, “intelligent” children’s toys and even toasters(!) are leaving themselves susceptible to hackers who could use them to gain access to home wi-fi systems and ultimately to sensitive banking and financial information such as bank accounts.

Mr Barton stated that criminals were “poised to take advantage of flaws in online security” and suggested that all appliances capable of connecting to the internet should carry a kitemark rating showing how secure they are.


Almost 60% of Scottish Councils Hit by Cyber Attacks

An investigation by The Scotsman has revealed that almost 60 per cent of Scottish councils and more than half of Scotland’s health boards have been targeted by cyber criminals since 2014. Nine universities and numerous government bodies have also been hit during the last three years, the investigation found.

Some local authorities reported being bombarded with thousands of spam emails and receiving ransom demands to decrypt data.

Freedom of Information requests showed 19 of Scotland’s 32 councils experienced either attempted or successful attacks since 2014.

Ransomware attacks were reported by 14 local authorities, sometimes on multiple occasions.

Four councils refused to reveal any information, with two fearing doing so would leave them vulnerable to future attacks.

Of the incidents logged by 19 councils, only nine authorities reported any of them to police, although no data was stolen or lost.

The investigation revealed Scottish local authorities were subject to more than 50 notable incidents in the past three financial years, with Aberdeen City Council one of the hardest hit (between 2014 and 2017, it suffered 12 successful cyber attacks, including six ransomware incidents, having its webpage defaced and recording more than 15 million attempts, including intrusion threats, spam, web risks and viruses, in the last eight months of 2016).

Other Statistics:

  • Highland Council targeted 953 times (including two partially-successful ransomware attacks)
  • East Lothian Council received more than 415,000 unsuccessful spam emails
  • Perth and Kinross Council reported blocking an average of 1.2 million spam emails every month
  • Falkirk, Glasgow City, North Ayrshire and Dumfries and Galloway councils refused to disclose any details
  • Dundee City Council was on the receiving end of three ransomware attacks
  • North Lanarkshire Council had two malware incidents in 2015 and three ransomware in 2016
  • Edinburgh City Council reported nine incidents, including malware preventing access to systems, a sustained denial of service (DDoS) attack, and malware being installed and copied
  • 11 of Scotland’s health boards were affected by the WannaCry attack in May which affected the NHS network across the UK
  • NHS Fife logged 693 attempted malware attacks
  • NHS Lanarkshire reported 51 attempted or successful attacks
  • NHS Greater Glasgow and Clyde was subject to four cyber breaches in 2016, where files became inaccessible after being encrypted by ransomware. In all cases, data was recovered and the ransom was not paid
  • NHS Tayside reported up to 7,000 attempts every month including ransomware
  • Dumfries and Galloway, Shetland and the Borders health boards said they had no attempted cyber attacks. No board reported losing data.

In the overwhelming majority of cases the breach affected limited areas of the public body’s network, with swift action taken to contain and repair systems and no patient data lost or compromised. The fact that a wide range of measures are taken to ensure basic security standards are met means that losses and fallout are mitigated.

A spokesman for local authority umbrella body Cosla said: “We fully recognise how important our cyber security is and we are doing everything we can to safeguard councils against such attacks.”

Detective Inspector Eamonn Keane from Police Scotland’s cyber crime unit, added: “Cyber crime has witnessed significant growth. The cyber threat to Scotland is indicative of that local, national and international threat applicable to all regions in the UK. We always encourage anyone who thinks they’ve been a victim of cybercrime to come forward and report it to police.”

We at Cyber Security Helpdesk would always agree with this best practice advice. We would also suggest that, following a cyber attack, the appropriate personnel and partners are enlisted to (a) fight the attack, (b) repair systems and (c) ensure that business continues as normal.


Cybercrime Failure Costly

In today’s news, the National Audit Office has criticised police, the government and banks for failing to tackle cybercrime after it was revealed just one in 150 police officers is dedicated to investigating cyberfraud.

The NAO says the cost to the economy as a whole was £144bn last year.

Sir Amyas Morse, head of the National Audit Office, said: “For too long, as a low-value but high-volume crime, online fraud has been overlooked by government, law enforcement and industry. It is now the most commonly experienced crime in England and Wales and demands an urgent response.”


Nearly 500 law firms targeted by fraudsters in new email scam

The Law Society Gazette published a report confirming that fraudsters have attempted to infiltrate the IT systems of hundreds of firms.

In an update published by the Solicitors Regulation Authority, the regulator said it has seen increasing reports of attempted cyber-crime and warned solicitors to be wary of falling victim.

Firms have reported being sent emails saying their services are required: after they respond, the scammers send attachments or links to websites.

These attachments and links might contain malware which allows the perpetrators to control or undermine IT systems.

The SRA said some of the emails relate to a property sale and are sent from a ‘Margaret’ or ‘Mary Smollins’. The email [email protected] has been used to send rogue messages.

The SRA said: ‘While genuine potential clients might indeed send information in this way, law firms should be wary of the risks of malware infecting their IT systems, and take action appropriate to their business.’

Once malware is on a system, it can record everything typed over a long period to obtain passwords or financial details, copy or modify data on the system, and allow hackers to get into the firm’s network.

Firms are advised to use cloud-based computing for storing, accessing and processing information and to inform the police and SRA immediately if they have been contacted via these emails.

Other steps can include keeping software up to date, using an anti-virus system and using encryption on mobile devices. Files should also be backed up on a regular basis including at least one back-up that is not directly and regularly connected to the main systems.

In 2016 the SRA had reports of around £7m of client money being lost to cyber-crime. Almost half of all cyber attacks are aimed at small businesses.

IF YOUR FIRM HAS BEEN TARGETED IN A PHISHING OR SPOOFING ATTEMPT, OR WORSE STILL, HAS BEEN A VICTIM OF CYBER CRIME, CONTACT CYBER SECURITY HELPDESK LTD TODAY TO DISCUSS HOW WE CAN WORK TO MITIGATE THE DAMAGE CAUSED AND RESOLVE THE PROBLEM EFFICIENTLY


Cyber Security News In The Manchester Region

Cyber attacks cost the Manchester economy £41 million, according to a study carried out by Alto digital, aimed at discovering how far UK businesses have developed in terms of office security.

Almost 62% of businesses in the city have been targeted by hackers in the last 12 months.

The study revealed that firms are seriously compromising their confidential data, unknowingly committing security violations because of a lack of training and knowledge of their IT systems and document security.

It was calculated that these hacks equated to down time equivalent to five to seven days per annum for UK business, with 69% of staff members affected.

Manchester’s most common cyber security risks are:

  • Companies not having a firewall (up to 36% from 24% in 2013)
  • Failing to change old passwords (up to 55% from 32% in 2013)
  • Not protecting data stored on printers or photocopiers at all (82%)

The primary reason for IT hacks on Manchester’s businesses in 2016 was phishing emails – when fraudsters attempt to obtain sensitive information for malicious reasons.

Targets include professional services firms such as accountants, mortgage brokers and law firms.

23% of those questioned have also experienced a hack via their telecoms systems, with the most common methods being via remote voice mail access (41%), remote programming (49%) and IP phones (36%).

Sensitive Data Collection and Processing

When it comes to scanning or photocopying documents, 51% of Manchester’s businesses admit to regularly processing highly confidential documents such as birth certificates (42%), client confidential documents (29%) and even company insurance documents (18%), yet an overwhelming 69% are unaware that a photocopier will store every single document that it scans – a serious hacking risk when connected to a company network.

When asked about the barriers to investing in a sophisticated security strategy, 52% of companies said it’s too expensive (48% in 2013), 59% stated that it’s too time consuming (23% in 2013) and 62% even mentioned that it’s just too confusing (32% in 2013).

It’s not all bad news though: only 24% of UK employees admitted that there’s a lack of concern at management level to invest in a reliable security infrastructure – a large reduction from 2013, when it was a more significant 36%.

Even more positive is the result that an impressive 80% of IT Directors questioned revealed that they always wipe their internal hard drive before getting rid of obsolete printers, a 27% increase from 2013.

Whilst it is clearly important to focus on training and on proactive cyber security and data security policies aimed at prevention, the number of increasingly sophisticated phishing or spoofing attempts on Manchester businesses means it is also important to have a trusted Cyber Security Incident Response team who can ensure that any cyber incident is managed properly and professionally, with the minimum of downtime and loss to the business.


Legal Profession: Beware of ‘Friday afternoon fraud’ risk

Over the past year, we have noticed a rise in the number of law firms being tricked into giving bank details to fraudsters in so-called ‘Friday afternoon scams’.

The Solicitors Regulation Authority (SRA) confirms that it is a growing problem and itself continues to receive regular reports of scammers stealing from firms despite repeated warnings to professionals not to disclose sensitive details.

Criminals tend to target conveyancing firms with large amounts of money in client accounts and are increasingly sophisticated in how they persuade people to release information.

Instances of so-called ‘Friday afternoon fraud’ are of huge concern to solicitors and their insurers and, with the average house price nearing the £300,000 mark, it is easy to see why such frauds have such a potential impact on a firm’s claims record.

These “Friday Afternoon Frauds” appear to follow a particular pattern. They are calculated and highly sophisticated, drawing on legal industry experience, banking industry experience, (usually) a well-financed setup (taking place in what appears to be a call centre established for this purpose), the psychology of the firm’s staff and a discreet knowledge of a specific firm’s financial or client details.

They typically take place on a Friday afternoon (hence the name!), starting with a telephone call to the firm’s accounts department or FD, purporting to be from the fraud unit of its own bank. The caller is able to provide (apparently by hacking the firm’s online banking access) details of the genuine transactions made that day, thereby giving the impression of legitimacy. This is also known as a “Vishing” scam.

The fraudster will claim that suspicious transactions have been made from the account and that it has been frozen, and will offer the firm assistance with any urgent payments that it needs to make in the meantime. The firm will be required to provide its online bank details, which the caller then quickly uses to defraud the firm, with individual payments typically being for slightly less than £100,000 to avoid detection for as long as possible. Where multiple payments are made, they will be for differing amounts in order to avoid raising the bank’s suspicion.

Once each payment is made it is quickly transferred to other accounts and often moved out of the jurisdiction. As these payments are usually made on a Friday afternoon and may not be discovered until the following Monday, catching the criminals by chasing the flow of funds can be next to impossible as they will have long since been dissipated. Many scams also occur either side of the Christmas break, taking advantage of the holiday period.

Other examples of online fraud committed against law firms are “Phishing” scams, where a fraudster may hack into a client’s email account, or that of another third party involved in the transaction such as a mortgage broker, and direct a solicitor or client to transfer proceeds from their sale to a different bank account. Alternatively, a solicitor’s own email account or server may be hacked or impersonated so that clients are directed to send monies to accounts other than the solicitor’s client account. The hacking can occur from something as simple as a predictable password being used by a firm employee, a lack of robust authentication to log in to a firm’s systems, or malware (malicious software) being unwittingly downloaded from, e.g., an unsolicited email communication, giving the perpetrators the ability to intercept communications and attempt to hijack money from client accounts.

The SRA has confirmed that law firms and clients have been the victims of scams and schemes totalling millions.

We would advise firms to take the following basic precautions:

  1. Never reveal banking security information over the telephone, even if the caller appears to be genuine and to have knowledge of your account. Independently validate callers by contacting somebody you already know at the bank, preferably using a separate telephone line, for example a mobile. (There have been examples of scammers keeping the line open to intercept any follow-on call to check.)
  2. Employ two-factor authentication on any remote access and ensure all user passwords are both sufficiently difficult to predict and are changed regularly.
  3. Always confirm bank details with clients by telephone or in person.
  4. Ensure that all Cyber or Data Warnings to clients are prominently displayed on ALL email correspondence, paper correspondence and repeated by telephone during the course of a matter.
  5. Circulate this advice to all staff, so they are aware of the issue. Ensure staff understand these risks and have undergone cyber and data security training.
  6. Respond swiftly. If you suspect or become aware that you have been a victim of such fraud, contact your bank and broker or insurer as soon as possible. The quicker action is taken, the greater the chances of recovering the money taken.

The potential losses (and consequently the financial, reputational and regulatory impact on the firm) are significant and a number of firms have already been affected, so management and staff should be advised to remain vigilant.

Should you require any assistance with Cyber or Data breaches, contact us to discuss our incident response service. As one of the UK’s leading integrated incident response service providers, we can advise on technical, legal, regulatory and reputational matters.