Cyber News and Threats – 31st March 2017
Here are some of the latest updates on cyber threats and news that we’ve picked up in the last couple of weeks, including the NCSC weekly update for 17th Feb. All updates are open source and links given:
- Criminals target US healthcare sector – The cyber division of the FBI recently issued an alert warning of criminal activity targeting File Transfer Protocol (FTP) servers operating in ‘anonymous’ mode, associated with the US medical and dental facilities.
- Asian cyber criminals demonstrate ongoing professionalization – According to a report by security research group Check Point, cyber criminals in Asia are using fake mobile base stations to impersonate legitimate telecommunications companies while conducting SMS phishing (‘SMiShing’) campaigns.
For the full text of the NCSC weekly Threat Report please go to: https://www.ncsc.gov.uk/report/weekly-threat-report-31st-march-2017
And in other news online
Airports and nuclear power stations on terror alert as government officials warn of ‘credible’ cyber threat – Britain’s airports and nuclear power stations have been told to tighten their defences against terrorist attacks in the face of increased threats to electronic security systems. http://www.telegraph.co.uk/news/2017/04/01/airports-nuclear-power-stations-terror-alert-government-officials/
‘Worrying number’ of UK businesses unprepared for cyber attacks, says IoD – In a new report (22-page / 2.07MB PDF), the IoD, which represents business leaders, shared the results of a survey it carried out into UK businesses’ approach to cybersecurity. The IoD said just 56% of businesses confirmed that they “have a formal cybersecurity strategy”, and 40% of respondents said they are not sure who to contact in the event that they fall victim to online fraud. https://www.out-law.com/en/articles/2017/march/worrying-number-of-uk-businesses-unprepared-for-cyber-attacks-says-iod/
Data from cyber insurance provider CFC Underwriting shows that 38% of its claims in 2016 could have been avoided through better staff education and training on cyber risks – Some 27% of small to medium-sized enterprises (SMEs) are failing to educate staff on the threat of a cyber attack, according to research by cyber insurance provider CFC Underwriting. http://www.computerweekly.com/news/450415869/More-than-a-quarter-of-SME-staff-lack-cyber-threat-training
Government to strengthen cyber demands on contractors – The Government is planning to toughen up its requirements for contractors to hold a Cyber Essentials certificate to strengthen security in field. http://www.ukauthority.com/cyber-resilience/entry/7010/government-to-strengthen-cyber-demands-on-contractors
UK Government sets out water sector cyber security strategy – The Department for Environment, Food and Rural Affairs (Defra) has set out a new strategy to reduce the risks of cyber-attacks in the water industry. The ‘Water Sector Cyber Security’ strategy incorporates contributions from the sector and aims to guide activities across water companies and government. http://www.energylivenews.com/2017/03/27/uk-government-sets-out-water-sector-cyber-security-strategy/