Category: cyber security

Man United Ransomware Attack

Manchester United football club experienced a ransomware attack in late 2020. They were held to ransom for millions of pounds by cyberhackers who targeted the club’s computer systems and demanded payment to stop them from releasing sensitive data.

It is a difficult decision for any business – pay up or risk seeing highly sensitive information being wiped out or leaked into the public domain.

The club were clear from the start that the attack was very serious but it did not impact on their schedule of matches.

United brought in a team of technical experts to contain the attack and they informed the Police and the National Cyber Security Centre (NCSC).

The NCSC revealed that in 2019 an English Football league club was hit with a £5m ransomware demand. They were unable to access their CCTV or use entry turnstiles, but its’s not believed that they paid anything.

It took weeks of effort to get things back to normal following the attack and United could face fines of up to £18 million or two per cent of their total annual worldwide turnover from the Information Commissioner’s Office if the attack is found to have breached their fans’ data protection.

The NCSC has previously warned that there is a growing threat to sports clubs.

It took roughly 2 weeks for United IT staff and outside experts to regain control of the situation. It is believed they did not pay the attackers.

The episode was embarrassing for United and they are still under investigation by the Information Commissioner’s Office.

If you have any experiences with these scams do let me know, by email.

Fightback Ninja Signature

723 Serious Cyber Attacks Stopped

The job of the National Cyber Security Centre (NCSC) is to protect the UK against cyber threats, whether that’s from hostile nations and groups or simply criminals.

Since it became operational in 2016, GCHQ’s cyber crime defence centre has defended the UK against 1,167 serious such threats.

The majority of the attacks were carried out by hackers “directed, sponsored or tolerated” by foreign governments, according to NCSC chief executive Ciaran Martin.

“These groups constitute the most acute and direct cyber threat to our national security,” he said.

In these days of coronavirus, NSCSC has also had to help protect scientists working on a vaccine, NHS hospitals, essential infrastructure and more.

The Wannacry ransomware in 2017 did huge damage to the NHS hospitals caught out.

NCSC also work to stamp out phishing and similar scams and what they call ‘high commodity attacks’ including the removal of 138,398 phishing sites between September 2017 and August 2018.

Cyber attacks are increasing in volume, scale and range of targets every year so business and all organisations need to take this seriously and protect themselves accordingly.

If you have any experiences with these scams do let me know, by email.

Fightback Ninja Signature

Drive-by Downloads

Generally on web pages, you have to click a link or a button or do something to enable the page to download malware to your device.

But, if your software is sufficiently out of date or missing security updates, then  it may be possible for a web page to initiate a download of malware without you taking any action and it may not warn you of the download.

This can be very dangerous.

Anti-malware services can generally spot such danger and block the download but the key is to always keep your software fully up to date.

Common drive-by exploits

Hackers looking to create drive-by malware, generally look at the following:-

  • Old operating systems
  • Browsers such as FireFox, Chrome, Opera, and others, especially out of date versions
  • Out of date browser plug-ins
  • Early versions of Microsoft Office
  • Adobe/Shockwave Flash (ActiveX)
  • Adobe Reader
  • WinZip compression

The types of drive-by malware commonly found include:-

  • Trojan horses – these take remote control of the user’s device
  • Ransomware—allows the attacker to encrypt or threaten to destroy data on the device unless a ransom is paid
  • Botnet toolkits—attackers may install a botnet application that on many devices which can then be controlled as one to carry out actions such as sending spam email or participating in DDoS attacks
  • Man in the Middle tools—enables attackers to eavesdrop on the user’s communications
  • Keyloggers—capture keystrokes and feed them back to the hacker.

If you have any experiences with scammers, spammers or time-wasters do let me know, by email.

Fightback Ninja Signature

Cyber Security Checklist

https://www.itgovernance.co.uk/blog/5-essential-controls-to-include-in-your-cyber-security-checklist

IT Governance is a leading global provider of cyber risk and privacy management solutions, with a special focus on cyber resilience, data protection, PCI DSS, ISO 27001 and cyber security.

  1. Staff awareness training

Human error is the leading cause of data breaches, so you need to equip staff with the knowledge to deal with the threats they face.

Staff awareness training will show staff how security threats affect them and help them apply best-practice advice to real-world situations.

  1. Application security

Web application vulnerabilities are a common point of intrusion for cyber criminals.

As applications play an increasingly critical role in business, it is vital to focus on web application security.

  1. Network security

Network security is the process of protecting the usability and integrity of your network and data. This is achieved by conducting a network penetration test, which scans your network for vulnerabilities and security issues.

  1. Leadership commitment

Leadership commitment is the key to cyber resilience. Without it, it is very difficult to establish or enforce effective processes. Top management must be prepared to invest in appropriate cyber security resources, such as awareness training.

  1. Password management

You should implement a password management policy that provides guidance to ensure staff create strong passwords and keep them secure.

Do enter your email address and click on the subscribe button on top right to keep up to date with new posts.

Fightback Ninja Signature

What is Cyber Security

Cyber Security, (also known as Information Technology Security) is the protection of computer systems and networks from interruption of their service, theft or damage to their software, hardware or data.

Cyber attacks can cost organisations huge sums of money (including fines) but also cause damage to their business and loss of confidence by their customers and partners. There can also be loss of sensitive data relating to their business or customers and that can spread damage very widely.

The EU GDPR (General Data Protection Regulation) and the DPA (Data Protection Act) 2018 require organisations to implement appropriate technical and organisational security measures to protect personal data – or risk substantial fines.

Cyber security covers:-

  • Network security
  • Application security
  • Information security
  • Operational security
  • Disaster recovery and business continuity
  • User training

The technology is always changing and all organisations need to ensure they have the correct technology for the job and that it is kept up to date and protected against all threats.

Do enter your email address and click on the subscribe button on top right to keep up to date with new posts.

Fightback Ninja Signature

Protection Against Data Breaches

Company data breaches can cause a lot of damage – financial and otherwise to customers and to the reputation of the business. Some companies never recover from a large scale data breach, so it is vitally important to protect your business against the possibility.

Data breaches happen through targeted attacks, theft, or even by accident.

Typically, a hacker gains access to an organisation’s private network and then can steal information on staff, customers and suppliers or research in progress, product data etc.

These attacks can be quick or take a lot of preparation and may take months or even longer to detect or in some cases are never detected.

How to Protect Against Data Breaches

  • Take all cyber security steps necessary – preferably with a qualified expert in charge
  • Insist on strong passwords across the organisation as weak passwords are the easiest way for hackers to gain entry to the systems.
  • Staff training. All staff who use the computers need to know how to recognise phishing attempts by email and by phone.
  • Robust security procedures can reduce the likelihood of human error or oversight.
  • Up to date security systems and updates – unpatched software leaves an open door to hackers.
  • Hackers sometimes gain access to larger company systems by first targeting smaller companies that are supplier to the larger company. Take precautions.
  • Frequent reviews of all security processes and systems is essential as new flaws turn up every day.

Do enter your email address and click on the subscribe button on top right to keep up to date with new posts.

Fightback Ninja Signature