Critical infrastructure named as biggest threat from hackers


A cybersecurity expert has warned of the latest trends in cyber-attacks, with a particular focus on critical infrastructure. Broadly defined as systems that “uphold the needs of society”, these can relate to energy, telecoms, pharmaceuticals and finances. Dave Weinstein, CSO at Claroty, says: “Techniques like password spraying and spearphishing are hardly new to the cyber threat landscape, but their use against critical infrastructure organisations, particularly in North America, suggest a concerted effort among select groups to gain access to these hardened targets.”

Cyber insurance rates hike in wake of new attacks


The increase in cybersecurity attacks has led insurance firms to increase their premiums by up to 25%, according to a new report from Reuters.  In particular, ransomware attacks are said to be causing the hikes, primarily because they cost so much to recover from. Insurers often have to pay out not just for the ransom price, but for the cost of restoring systems too. Malwarebytes Labs warned the attacks were getting “more sophisticated”.

Council goes back to traditional methods after hack


A UK council has resorted to ‘pen and paper’ methods after it became the victim of a ransomware attack. Redcar and Cleveland Borough Council said its IT servers were under attack, with more than 135,000 residents unable to access crucial online services. The council was threatened with a Bitcoin ransom, and has had to resort to pen and paper methods to operate vital functions like taking council tax payments.

Are you familiar with ‘smishing’?


Another day, another new cybersecurity threat: this time we’re facing smishing, the latest attack to affect mobile devices. Smishing is similar to phishing, where emails pose as legitimate senders and encourage readers to open links. With smishing, the attack comes in the form of an SMS message. Mobile users are warned to look out for business names rather than phone numbers, as well as aggressive language like “urgent!” or “reply now!”

Healthcare is the most cyber-targeted industry


A 2020 Vision Report has named the healthcare industry as the most vulnerable to cyber-attacks.  In particular, it was revealed that the Bluekeep vulnerability from Microsoft was twice as likely to occur on medical devices, while medical information and personal data was considered one of the most valuable items on the black market. Most shockingly, it takes hospitals four months to recover from just 40% of attacks.

Cyber security “the responsibility of global leaders”


The World Economic Forum has made a striking declaration about cyber security – that it is the responsibility of world leaders. As part of the World Economic Forum Annual Meeting, experts claimed that security has been the domain of the IT department for too long, and we must all get involved as cyber-attacks grow in sophistication. Conclusions from the meeting included a need for a “culture of cyber security” and a rethink into organisational structures, as well as investment into evolving technologies.  

Multi-factor authentication attacks to rise in 2020


A new report has found that multi-factor authentication attacks are expected to rise in 2020. Multi-factor authentication involves using more than one device or access method to log in to a user account, for example a fingerprint scan and a unique pin. According to the report, 57 per cent of global businesses now use multi-factor authentication, making it a new target for hackers. Experts are predicting a rise in ‘9am attacks’ whereby end-users receive a notification to log in when they arrive at the office, inadvertently giving hackers access.

UK government on the lookout for new security lead


The UK head of cyber security is to step down in 2020 after more than six years of service. Ciaran Martin, who founded the UK’s national cyber security unit, is moving to a role in the private sector for summer 2020. In response, Downing Street is going to implement a “strategic review” of British defence and security, focusing on cyber security. Martin’s top achievements include linking state-sponsored cyber attacks to Russia. In a statement, he said the time had come for a new successor to “take the organisation to the next level”.

Oil and gas sector face new cyber security threats


2020 has been marred with news of attacks on non-renewable energies. At the turn of the decade, the North American Power Grid was subject to threats from organisations such as Parisite, which exploited vulnerabilities in industrial control systems. Meanwhile, Bahrain is under attack from a new Iranian data wiper malware threat, which has taken down national oil company Bapco. Experts now claim that cyber security must be at the forefront of energy companies’ minds, particularly as we continue to rely on external suppliers.  

Civil Aviation Authority announces new security oversight scheme


Transport organisations are recognising the increasing cyber security challenges before us. In the UK, the Civil Aviation Authority has launched a scheme in collaboration with Crest to help the aviation industry manage risks. It will take the form of an accreditation to show companies’ commitment to security.