NCSC warns UK’s critical infrastructure is too vulnerable

The UK's National Cyber Security Centre (NCSC) has raised the alarm about escalating threats to the nation's Critical National Infrastructure (CNI) and warned that resilience is not at the required level.

"The threat is evolving. While we are making progress building resilience in our most critical sectors, we aren't where we need to be," states a NCSC report this week.

Dominic Trott, Director of Strategy and Alliances at Orange Cyberdefense, commented on the pressing...

14 November 2023 | Legislation & Government

Microsoft: UN treaty creates ‘ideal conditions’ for cybercrime

Amy Hogan-Burney, Associate General Counsel, Cybersecurity Policy & Protection at Microsoft, has voiced concerns about a Russia-led United Nations (UN) cybercrime treaty. 

As the global menace of cybercrime gains sophistication and extends its reach, a united front is crucial to effectively combat these digital threats. Concerted cooperation between law enforcement agencies, governmental bodies, international partners, and private corporations is required.

However,...

31 August 2023 | Legislation & Government

Russian hackers suspected of cyberattack exposing data of 40M citizens

A cyberattack targeting the UK Electoral Commission has exposed the data of up to 40 million citizens. British intelligence services have uncovered evidence linking the cyberattack to Russian hackers.

The attack, described as a "complex cyber attack," targeted the Electoral Commission's computer systems, gaining unauthorised access to sensitive information. The breach was not detected until 14 months after the initial intrusion, prompting questions about the organisation's...

9 August 2023 | Security

Risk Register 2023: Infrastructure cyberattack could harm thousands

In a stark warning, the UK government has alerted the public to the impact of a cyberattack on critical infrastructure.

The findings come from the latest National Risk Register report, which is based on the government’s classified National Security Risk Assessment and considers malicious risks like terrorism and cyberattacks alongside non-malicious risks such as severe weather incidents.

The government estimates there’s a 5-25 percent likelihood of a serious...

4 August 2023 | Security

Over 338K FortiGate firewalls remain unpatched to critical bug

A critical vulnerability in FortiGate firewalls, known as CVE-2023-27997, has left more than 338,000 devices exposed to potential exploitation.

The flaw, which allows for remote code execution, was patched by Fortinet last month, but a significant number of devices have yet to be updated.

Infosec company Bishop Fox has even developed an example exploit to demonstrate the severity of the vulnerability.

Rated 9.8 out of 10 in terms of CVSS severity, the...

4 July 2023 | Security

Hackers force Russian military satellite operator offline

A group of unidentified hackers has taken credit for targeting prominent Russian satellite communications operator Dozor-Teleport.

The network disruption caused by the cyberattack impacted critical services utilised by energy companies, as well as the country's defense and security services.

The attack was perpetrated by an organisation claiming to be affiliated with the Wagner Group, a group of mercenaries financed by the Russian military that staged a coup last month...

3 July 2023 | Networks

Russian cybercriminals attack US government agencies

Several US federal government agencies have fallen victim to a global cyberattack by Russian cybercriminals.

The attack exploits a vulnerability in widely used software, leading to concerns about data breaches and potential disruptions. The US Cybersecurity and Infrastructure Security Agency (CISA) is working urgently to understand the impacts and facilitate timely remediation.

Colin Little, Security Engineer at Centripetal, said:

"Given the scope of this...

16 June 2023 | Security

Russia-linked hackers seek to ‘disrupt or destroy’ UK infrastructure

UK Cabinet Office Minister Oliver Dowden has warned that Russia-aligned hackers are seeking to disrupt or destroy Britain's critical infrastructure.

In a speech at the CyberUK conference in Belfast, Dowden unveiled new measures to support businesses "on the front line of our cyber defences" and described the hackers as "Wagner-like," a reference to the Russian mercenaries fighting in Ukraine that have been repeatedly accused of war crimes.

The National Cyber Security...

19 April 2023 | Legislation & Government

Hackers steal the data of millions of AT&T customers

A vendor hack has resulted in the data of millions of AT&T customers being stolen.

AT&T is sending emails to around nine million customers to alert them of the theft of their data.

The attackers did not breach AT&T directly but compromised the systems of a marketing vendor used by the US telecom giant.

All impacted users had CPNI (Customer Proprietary Network Information) stolen, including phone numbers, full names, and email addresses. A smaller...

13 March 2023 | AT&T

Russian hackers disrupt NATO comms used for earthquake relief

Russian hacking group Killnet has claimed responsibility for disrupting communications between NATO and other organisations providing earthquake relief in Turkey and Syria.

The devastating earthquake has claimed at least 28,000 lives and efforts continue to pull victims from the rubble. Countries and NGOs worldwide dispatched resources to provide humanitarian aid, including aircraft with transport and airlift capabilities.

Strategic Airlift Capability (SAC) is a...

13 February 2023 | Networks