UK ministers are failing to act with “a meaningful sense of purpose or urgency” in the face of a growing cyber threat to the UK’s critical national infrastructure (CNI), a parliamentary committee has warned.
The joint committee on national security strategy said at a time when states such as Russia were expanding their capability to mount disruptive cyber-attacks, the UK’s level of ministerial oversight was “wholly inadequate”. It urged Theresa May to appoint a cybersecurity minister in cabinet to take charge of the efforts to build national resilience.
The Russian military intelligence unit GRU is behind a fresh wave of global cyber attacks, British officials say. Britain’s National Cyber Security Centre has concluded that hackers behind numerous attacks have been identified as GRU personnel.
Australia has joined the UK in attributing four attacks to the GRU: the October 2017 BadRabbit ransomware that hit Russia, Ukraine, Germany, and Turkey; the release of data from a World Anti-Doping agency hack, the 2016 hack of the US Democratic National Committee, which resulted in the publishing of the party’s emails on WikiLeaks and an attack on a “small UK-based TV station” between July and August of 2015.
Read more about the accusations by the UK and Australia on ZDNet.
Flight information screens were blacked out over the weekend at the Bristol Airport in the UK. Airport officials blamed the incident on a ransomware infection that affected the computers running the airport’s in-house TV screens displaying arrival and departure flight information.
The infection appears to have taken root on Friday morning, local time, according to the Bristol Airport’s social media accounts. Airport officials said they did not intend to pay the attacker’s ransom demand and opted to take down their systems while they serviced affected computers. Functionality to affected systems was restored on Sunday morning, local time.
Read more about the ransomware attack on Bristol Airport on ZDNet
British Airways is investigating the theft of customer data from its website and app over a two-week period and has urged customers affected to contact their banks or credit card providers. The airline said around 380,000 payment cards had been compromised and it had notified the police.
In a statement it said: “The stolen data did not include travel or passport details. From 22.58 BST August 21 2018 until 21.45 BST September 5 2018 inclusive, the personal and financial details of customers making bookings on ba.com and the airline’s app were compromised. The breach has been resolved and our website is working normally.”
Read more about the massive British Airways data breach on The Guardian.
Only one third of senior executives in UK organisations admit their company insurance currently covers them for a security breach and for the financial impact of data loss, despite the fact that 81 percent agree that it is ‘vital’ their organisation is insured against information security breaches. This is according to the Risk:Value report from NTT Security, which also reveals that 29 percent of firms have dedicated cybersecurity insurance in place.
The 2018 report, which looks at the attitudes of 1,800 global senior decision makers from non-IT functions to risks to the business and the value of information security, reveals that UK businesses would have to spend on average £1 million to recover from a breach.
On Tuesday evening, the UK health and beauty retailer Superdrug emailed customers and also revealed on Twitter that an event had occurred “which may have resulted in the possible disclosure of some customers’ personal information.” Names, addresses, dates of birth, phone numbers, and point balances may have been compromised. However, it is not believed that any financial data has been put at risk.
Superdrug said there is “no evidence” that internal systems have been compromised; instead, the company believes that repeat credentials used by customers on other websites were used to access Superdrug accounts. The threat actor has attempted to secure a ransom payment, the company added.
Read more about the attack that affects 20,000 customers, on ZDNet.
A data breach at electronics retailer Dixons Carphone is almost ten times larger than the company first thought. Personal information of 10 million customers, including names, addresses, and email addresses, are thought to have been accessed by outsiders — massively up from the originally stated figure of 1.2 million.
The company uncovered further evidence of personal data being accessed during its investigation into the breach, which first occurred in July 2017 but only came to light this June. As part of the attack, hackers also attempted to access 5.9 million payment card details, but Dixons Carphone has previously stated that chip-and-pin protection should prevent these details being used for fraud.
Read more about the newly uncovered information regarding the massive Dixons Carphone data breach on ZDNet.
A coding error in software used by doctors has led to confidential data of around 150,000 NHS patients in the UK being shared without their permission. These patients had requested their health data should only be used to provide them with care — a process known as a ‘Type 2 opt-out’.
However, a software problem led to this request being ignored and the information being shared for clinical auditing and research. In a written statement, UK junior health minister Jackie Doyle-Price said the Department for Health first became aware of the error on 28 June and that “there is not, and has never been, any risk to patient care as a result of this error”.
Read more about the UK government’s explanation for how the confidential health data of around 150,000 NHS patients ended up being shared for clinical auditing and research, without permission of the patients, on ZDNet.
Organisations which don’t report that they’ve been the victim of cyber crime are putting others at risk of further attacks and are hampering the authorities’ ability to fight against hackers, the UK’s serious and organised crime unit has warned. The National Crime Agency has issued the warning to businesses as part of its National Strategic Assessment of Serious and Organised Crime 2018.
“Under-reporting of data breaches continues to erode our ability to make robust assessment of the scale and cost of network intrusions,” said the report, adding “many companies are not disclosing data breaches, putting victims at risk”. According to figures cited by the NCA, only 38 percent of people have confidence that law enforcement can properly respondent to ‘cyber-dependent’ crime, with the implication that this is partly why victims fail to report they’ve been hit.
Read more about the findings of the new report by the UK’s National Crime Agency on ZDNet.
Charities are a prime target for hackers and are at risk of devastating cyber attacks, the UK’s intelligence agency has warned. The National Cyber Security Centre has set out some of the biggest cyber threats facing charities and advice on how to combat them in a new report.
The Cyber Threat Assessment: UK Charity Sector report describes cyber crime as the greatest threat to the charity sector, with threats ranging from small-scale fraudsters to highly advanced threat groups to even nation-state and terrorist actors. This, combined with the vast amounts of personal and financial data they potentially hold make charities a potentially lucrative target for cyber criminal activity. The report also warns that charities aren’t prepared for the incoming GDPR data protection legislation.
Ransomware and business email compromise are currently the biggest threat to charities, especially because staff – responding to questions or accepting donations – will regularly open emails and download attachments. This makes those in the charity sector prime targets for specifically crafted spear-phishing emails that aim to trick victims into downloading what they believe to legitimate attachment, only for it to infect the network with ransomware.
Read more about the NCSC report on cyber threats in the charity sector on ZDNet.