Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label UK. Show all posts
UK
attacks Businesses Cyber Crime CyberCrime global cooperation guidance insurance Ransomware resilience Security UK

Global Effort Unites Against Ransomware: New Guidance to Strengthen Business Defenses

  

Ransomware attacks continue to pose significant challenges for businesses worldwide, with incidents on the rise. 

In response, the UK, along with 38 other nations and international cyber insurance organizations, has collaborated to release updated guidance aimed at supporting victims and enhancing resilience. This guidance advises against making immediate ransom payments, as recovery of data or malware removal is not guaranteed, and paying ransoms often encourages further criminal activity.

Instead, businesses are urged to create a comprehensive response plan, with policies and contingency measures in place. Organizations that fall victim to ransomware should report the incident to law enforcement and consult security professionals for expert guidance.

Ransomware has become a lucrative venture for cybercriminals, causing an estimated $1 billion in losses in 2023. By removing the incentive for criminals, these new policies aim to weaken the ransomware business model and reduce future attacks.

"International cooperation is crucial in fighting ransomware as cybercrime knows no borders," stated Security Minister Dan Jarvis. He emphasized that this collective effort will hit cybercriminals financially and better protect businesses in the UK and beyond.

The UK is taking a leading role, collaborating with three major insurance organizations—the Association of British Insurers, the British Insurance Brokers' Association, and the International Underwriting Association—to issue co-sponsored guidance. Meanwhile, the UK National Crime Agency has taken steps by sanctioning 16 individuals from the 'Evil Corp' cybercrime group, responsible for over $300 million in theft from critical infrastructure, healthcare, and government sectors.

Jonathon Ellison, Director for National Resilience at the NCSC, highlighted the urgency of addressing ransomware threats: "This guidance, backed by both international bodies and cyber insurance organizations, represents a united front in bolstering defenses and increasing cyber readiness."
Read more »
UK
Cyber Attacks Malicious Campaign Telecom Firm UK

BT Uncovers 2,000 Potential Cyberattacks Signals Every Second

 

BT logs 2,000 potential cyber attack signals per second, according to the latest data from the telecom behemoth, as it warns of the rising threat from cyber criminals.

The telecom firm stated it found that web-connected devices were being scanned more than 1,000 times each a day by known malicious sources, as attackers scan for vulnerabilities in online systems. While some scans are authentic for security monitoring, BT stated that 78% were not harmless. 

BT said its most recent data on the issue revealed a 1,234% lift in new malicious scanners across its networks over the last year, and cautioned that the increase could be attributed to more malicious actors using AI-powered, automated bots to scan for vulnerabilities in security systems in order to avoid tools designed to detect suspicious activity.

The UK's National Cyber Security Centre (NCSC) has previously cautioned that AI technologies were upskilling malicious actors and lowering the entrance barrier to launch cyber attacks.

According to BT's research, the IT, defence, and financial services sectors were the most targeted for cyber assaults, but other sectors, such as retail, education, and hospitality, were being increasingly targeted since they are seen to have a lower security focus. The data was made public during BT's Secure Tomorrow cybersecurity festival at the company's Adastral Park research facility in Suffolk. 

“Today, every business is a digital business, and our data shows that every 90 seconds hackers are checking connected devices to find a way in – like opportunistic burglars looking for an open window,” Tris Morgan, managing director for security at BT, stated. 

“Tools like AI provide new routes of attack, but they can also the first line of defence. At BT, we’re constantly evolving our network security to stay one step ahead and protect more than a million businesses, day in, day out.” 

The cybersecurity warning comes after the government announced that all UK data centres will be designated as Critical National Infrastructure (CNI), putting them on an equal footing with energy, water, and emergency services infrastructure, and will now receive more government support and protection from cyber attacks, IT blackouts, and environmental disasters.
Read more »
UK
Cyber Security Data Theft Databreach NHS Ransomware UK

Cybersecurity Expert Warns NHS Still Vulnerable After Major Ransomware Attack

 

A leading cybersecurity expert has warned that the NHS remains at risk of further cyber-attacks unless it updates its computer systems. This stark warning follows a significant ransomware attack that severely disrupted healthcare services across London. 

Prof Ciaran Martin, the founding CEO of the UK's National Cyber Security Centre (NCSC), told the BBC: "I was horrified, but not completely surprised. Ransomware attacks on healthcare are a major global problem." NHS England announced it was increasing its cybersecurity resilience and had invested $338 million over the past seven years to address the issue. 

However, Prof Martin’s warnings suggest more urgent action is necessary. A recent British Medical Association report highlighted the NHS's ageing IT infrastructure, revealing that doctors waste 13.5 million hours annually due to outdated systems - equivalent to 8,000 full-time medics' time. 

 The cyber-attack on 3 June, described by Prof Martin as one of the most serious in British history, targeted Synnovis, a pathology testing organisation. This severely affected services at Guy's, St Thomas', King's College, and Evelina London Children's Hospitals. 

NHS England declared it a regional incident, resulting in 4,913 outpatient appointments and 1,391 operations being postponed, alongside major data security concerns. The Russian-based hacking group Qilin, believed to be part of a Kremlin-protected cyber army, demanded a $40 million ransom. When the NHS refused to pay, the group published stolen data on the dark web. 

This incident reflects a growing trend of Russian cyber criminals targeting global healthcare systems. Now a professor at the University of Oxford, Prof Martin highlighted three critical issues facing NHS cybersecurity: outdated IT systems, the need to identify vulnerable points, and the importance of basic security practices.

He further said, "In parts of the NHS estate, it's quite clear that some of the IT is out of date." He stressed the importance of identifying "single points of failure" in the system and implementing better backups. 

Additionally, he emphasized that improving basic security measures could significantly hinder attackers, noting: "Those little things make the point of entry quite a lot harder for the thugs to get in." Emphasizing the severity of the recent attack, he said, "It was obvious that this was going to be one of the most serious cyber incidents in British history because of the disruption to healthcare."
Read more »
UK
Cyber Attacks Data Privacy Healthcare London National Cyber Security Centre NHS patient data protection Ransomware attack Russian Gang UK

Ransomware Attack on Pathology Services Vendor Disrupts NHS Care in London

 

A ransomware attack on a pathology services vendor earlier this week continues to disrupt patient care, including transplants, blood testing, and other services, at multiple NHS hospitals and primary care facilities in London. The vendor, Synnovis, is struggling to recover from the attack, which has affected all its IT systems, leading to significant interruptions in pathology services. The Russian-speaking cybercriminal gang Qilin is believed to be behind the attack. Ciaran Martin, former chief executive of the U.K. National Cyber Security Center, described the incident as "one of the more serious" cyberattacks ever seen in England. 

Speaking to the BBC, Martin indicated that the criminal group was "looking for money" by targeting Synnovis, although the British government maintains a policy against paying ransoms. Synnovis is a partnership between two London-based hospital trusts and SYNLAB. The attack has caused widespread disruption. According to Brett Callow, a threat analyst at security firm Emsisoft, the health sector remains a profitable target for cybercriminals. He noted that attacks on providers and their supply chains will persist unless security is bolstered and financial incentives for such attacks are removed. 

In an update posted Thursday, the NHS reported that organizations across London are working together to manage patient care following the ransomware attack on Synnovis. Affected NHS entities include Guy's and St Thomas' NHS Foundation Trust and King's College Hospital NHS Foundation Trust, both of which remain in critical incident mode. Other impacted entities are Oxleas NHS Foundation Trust, South London and Maudsley NHS Foundation Trust, Lewisham and Greenwich NHS Trust, Bromley Healthcare, and primary care services in South East London. 

The NHS stated that pathology services at the impacted sites are available but operating at reduced capacity, prioritizing urgent cases. Urgent and emergency services remain available, and patients are advised to access these services normally by dialing 999 in emergencies or using NHS 111. The Qilin ransomware group, operating on a ransomware-as-a-service model, primarily targets critical infrastructure sectors. According to researchers at cyber threat intelligence firm Group-IB, affiliate attackers retain between 80% and 85% of extortion payments. Synnovis posted a notice on its website Thursday warning clinicians that all southeast London phlebotomy appointments are on hold to ensure laboratory capacity is reserved for urgent requests. 

Several phlebotomy sites specifically managed by Synnovis in Southwark and Lambeth will be closed from June 10 "until further notice." "We are incredibly sorry for the inconvenience and upset caused to anyone affected." Synnovis declined to provide additional details about the incident, including speculation about Qilin's involvement. The NHS did not immediately respond to requests for comment, including clarification about the types of transplants on hold at the affected facilities. The Synnovis attack is not the first vendor-related incident to disrupt NHS patient services. Last July, a cyberattack against Ortivus, a Swedish software and services vendor, disrupted access to digital health records for at least two NHS ambulance services in the U.K., forcing paramedics to use pen and paper. 

Additionally, a summer 2022 attack on software vendor Advanced, which provides digital services for the NHS 111, resulted in an outage lasting several days. As the healthcare sector continues to face such cybersecurity threats, enhancing security measures and removing financial incentives for attackers are crucial steps toward safeguarding patient care and data integrity.
Read more »
UK
Data Breach data security Employee Data Fines ICO Information Commissioner Office Information Security Ireland UK

PSNI Faces £750,000 Fine for Major Data Breach

 

The Police Service of Northern Ireland (PSNI) is set to receive a £750,000 fine from the UK Information Commissioner’s Office (ICO) due to a severe data breach that compromised the personal information of over 9,000 officers and staff. This incident, described as "industrial scale" by former Chief Constable Simon Byrne, included the accidental online release of surnames, initials, ranks, and roles of all PSNI personnel in response to a Freedom of Information request. 

This breach, which occurred last August, has been deemed highly sensitive, particularly for individuals in intelligence or covert operations. It has led to significant repercussions, including Chief Constable Byrne's resignation. Many affected individuals reported profound impacts on their lives, with some forced to relocate or sever family connections due to safety concerns. The ICO's investigation highlighted serious inadequacies in the PSNI's internal procedures and approval processes for information disclosure. 

John Edwards, the UK Information Commissioner, emphasized that the breach created a "perfect storm of risk and harm" due to the sensitive context of Northern Ireland. He noted that many affected individuals had to "completely alter their daily routines because of the tangible fear of threat to life." Edwards criticized the PSNI for not having simple and practical data security measures in place, which could have prevented this "potentially life-threatening incident." He stressed the need for all organizations to review and improve their data protection protocols to avoid similar breaches. 

The ICO's provisional fine of £750,000 reflects a public sector approach, intended to prevent the diversion of public funds from essential services while still addressing serious violations. Without this approach, the fine would have been £5.6 million. In response to the breach, the PSNI and the Northern Ireland Policing Board commissioned an independent review led by Pete O’Doherty of the City of London Police. The review made 37 recommendations for enhancing information security within the PSNI, underscoring the need for a comprehensive overhaul of data protection practices. 

Deputy Chief Constable Chris Todd acknowledged the fine and the findings, expressing regret over the financial implications given the PSNI's existing budget constraints. He confirmed that the PSNI would implement the recommended changes and engage with the ICO regarding the final fine amount. The Police Federation for Northern Ireland (PFNI), representing rank-and-file officers, criticized the severe data security failings highlighted by the ICO. 

PFNI chair Liam Kelly called for stringent measures to ensure such an error never recurs, emphasizing the need for robust data defenses and rigorous protocols. This incident serves as a stark reminder of the critical importance of data security, particularly within sensitive sectors like law enforcement. The PSNI's experience underscores the potentially severe consequences of inadequate data protection measures and the urgent need for organizations to prioritize cybersecurity to safeguard personal information.
Read more »
User Privacy
Action Fraud Cyber Fraud Cyber Scam Cyber Scammers UK User Privacy

Scammers Targeting WhatsApp Groups in UK

 

When businessman Mohammed Yousaf received an urgent plea for assistance from one of his oldest friends, he rushed to the rescue.

The 56-year-old received a WhatsApp message from the account of a man he had been friends with for 50 years. It began with the greeting 'Salaam', followed by the message: "Please, I need a little assistance from you..." 

Mohammed was concerned about his friend and inquired how he could help. He was told that his friend was attempting to send £800 to an account, but it did not function, and he was asked if he could make the payment instead, with his friend reimbursing him the next day. What transpired was a fraud that terrified Mr. Yousaf and cost him £800. Unfortunately, he's not alone. 

Last month, men in East Lancashire were warned of blackmail fraud after scammers posing as Eastern European gang members sent threatening requests for payment. Police said men in Accrington and Blackburn were pushed into giving over substantial sums of cash after getting disturbing messages and video calls of someone carrying a pistol. 

Action Fraud, the UK's national reporting centre for fraud and cybercrime, reports that fraudsters are now targeting group chat participants in order to exploit WhatsApp users. The fraud often begins when a member of the group receives a WhatsApp audio call from the fraudster, who pretends or claims to be another member of the group. 

This is done to earn the individual's trust, and the scammer will frequently use a phoney profile image and/or display name, giving the impression that it is a genuine member of the group. 

The fraudster will inform the victim that they are providing them a one-time passcode that will allow them to participate in an upcoming video call for group members. The perpetrator then asks the victim to reveal the passcode so that they can be "registered" for the video conference.

In reality, the attacker is asking for a registration number to migrate the victim's WhatsApp account to a new device, allowing them to take over the account. 

Once the fraudster has gained access to the victim's WhatsApp account, they will activate two-step verification, making it impossible for the victim to regain access to their account. Other members of the group, or friends and family in the victim's contacts, will then be messaged, urging them to wire money immediately because they are in urgent need of assistance. 

According to Detective Superintendent Gary Miles, head of the City of London Police's National Fraud Intelligence Bureau, WhatsApp remains a key channel of communication for several people in the UK, but fraudsters continue to figure out ways to gain access to these platforms.
Read more »
VespAI
Artifical Inteligence Cornwall Technology UK University of Exeter VespAI

AI Developed to Detect Invasive Asian Hornets

 



Researchers at the University of Exeter have made an exceptional breakthrough in combating the threat of unsettling Asian hornets by developing an artificial intelligence (AI) system. Named VespAI, this automated system boasts the capability to identify Asian hornets with exceptional accuracy, per the findings of the university’s recent study.

Dr. Thomas O'Shea-Wheller, from the Environment and Sustainability Institute from Exter's Penryn Campus in Cornwall, highlighted the system's user-friendly nature, emphasising its potential for widespread adoption, from governmental agencies to individual beekeepers. He described the aim as creating an affordable and adaptable solution to address the pressing issue of invasive species detection.

How VespAI Works

VespAI operates using a compact processor and remains inactive until its sensors detect an insect within the size range of an Asian hornet. Once triggered, the AI algorithm aanalyses aptured images to determine whether the insect is an Asian hornet (Vespa velutina) or a native European hornet (Vespa crabro). If an Asian hornet is identified, the system sends an image alert to the user for confirmation.

Record Numbers of Sightings

The development of VespAI is a response to a surge in Asian hornet sightings not only across the UK but also in mainland Europe. In 2023, record numbers of these invasive hornets were observed, posing a significant threat to honeybee populations and biodiversity. With just one hornet capable of consuming up to 50 bees per day, the urgency for effective surveillance and response strategies is paramount.

Addressing Misidentification

Dr. Peter Kennedy, the mastermind behind VespAI, emphasised the system's ability to mitigate misidentifications, which have been prevalent in previous reports. By providing accurate and automated surveillance, VespAI aims to improve the efficiency of response efforts while minimising environmental impact.

What The Testing Indicate?

The effectiveness of VespAI was demonstrated through testing in Jersey, an area prone to Asian hornet incursions due to its proximity to mainland Europe. The system's high accuracy ensures that no Asian hornets are overlooked, while also preventing misidentification of other species.

Interdisciplinary Collaboration

The development of VespAI involved collaboration between biologists and data scientists from various departments within the University of Exeter. This interdisciplinary approach enabled the integration of biological expertise with cutting-edge AI technology, resulting in a versatile and robust solution.

The breakthrough AI system, dubbed VespAI, as detailed in their recent paper titled “VespAI: a deep learning-based system for the detection of invasive hornets,” published in the journal Communications Biology. This publication highlights the notable discovery made by the researchers in confronting the growing danger of invasive species. As we see it, this innovative AI system offers hope for protecting ecosystems and biodiversity from the threats posed by Asian hornets.


Read more »
UK
China Cyber Attacks data security Digital Personal Data Protection NHS UK

Safeguarding the NHS: Protecting Against Potential Cyber Attacks from China

 

Recent concerns have surfaced regarding the vulnerability of the NHS to cyberattacks, particularly from China. Reports indicate that Beijing-backed actors exploited software flaws to access the personal details of millions of Britons. As experts in cybersecurity, it's crucial to address these fears and provide insights into safeguarding against potential cyber threats. 

The prospect of a cyber attack on the NHS by hostile actors underscores the critical importance of robust cybersecurity measures. With the personal details of 40 million Britons potentially compromised, the stakes are high, and proactive steps must be taken to protect sensitive data and preserve public trust in the healthcare system. 

One of the primary concerns raised by these reports is the exploitation of software flaws to gain unauthorized access to personal information. Vulnerabilities in software systems can provide entry points for cybercriminals to launch attacks, compromising the integrity and security of sensitive data stored within NHS databases. 

Furthermore, the involvement of state-backed actors adds a layer of complexity to the threat landscape. Nation-state cyber-attacks are often sophisticated and well-coordinated, making them particularly challenging to defend against. As such, healthcare organizations must remain vigilant and adopt comprehensive security measures to detect and deter potential threats. To defend against potential cyber attacks from China or any other threat actor, the NHS must prioritize cybersecurity at every level. 

This includes implementing robust security protocols, conducting regular risk assessments, and investing in advanced threat detection and response capabilities. Additionally, healthcare professionals and staff members must receive comprehensive training on cybersecurity best practices to recognize and respond to potential threats effectively. By fostering a culture of security awareness and vigilance, the NHS can strengthen its defenses against cyber attacks and mitigate the risk of data breaches. 

Collaboration and information sharing are also essential components of an effective cybersecurity strategy. By partnering with government agencies, cybersecurity experts, and industry stakeholders, the NHS can stay ahead of emerging threats and leverage collective intelligence to bolster its security posture. 

While the prospect of a cyber attack on the NHS is concerning, it's essential to approach these threats with a proactive and informed mindset. By implementing robust cybersecurity measures, fostering a culture of security awareness, and collaborating with relevant stakeholders, the NHS can enhance its resilience against potential cyber threats and safeguard the personal data of millions of Britons.
Read more »
Subscribe to: Posts (Atom)