Press release: Government celebrates cyber security successes in Manchester

The First Secretary of State, Damian Green, spoke at the landmark opening of the new global headquarters of the NCC Group in Manchester, marking the first anniversary of the creation of the National Cyber Security Strategy (NCSS).

The NCSS was launched a year ago in response to the growing cyber security challenges and threats faced by the UK and to define the Government’s ambitions for the future.

As a part of this world-leading strategy the government invested £1.9 billion in establishing the innovative National Cyber Security Centre (NCSC), demonstrating a long-term commitment to keeping the UK safe. Since its launch the NCSC has responded to over 590 significant cyber incidents: providing support to victims, sharing information with intelligence and law enforcement, and setting up incident management structures to ensure essential services are up and running once incidents have occurred.

The First Secretary spoke at the headquarters of the NCC Group – a global expert in cyber security and risk mitigation. The newly built headquarters in Manchester equipped with state of the art technology will employ more than 500 cyber security experts providing Britain’s and Europe’s largest companies with cyber security consultancy and cyber incident response.

Damian Green, First Secretary of State and Minister for the Cabinet Office said:

This Government is committed to tackling the growing threat of cyber security and will continue to invest in the future of our defence programme.

The Government’s Cyber Schools programme aims to provide skills to nearly 6,000 young people in order to secure the UK’s position as a world leader in cyber security for generations to come.

I am delighted that a global cyber security expert has chosen to open their headquarters in Manchester – fuelling the success of the Northern Powerhouse.

Brian Tenner, Interim CEO at NCC Group said:

NCC Group continues to play a pivotal role in advising government and helping to implement national initiatives which are strengthening the UK’s cyber security posture and helping to improve the country’s technical capabilities in this area. The First Secretary’s visit is recognition of this continuing support and we were delighted to welcome him to our company headquarters today.

The threat of cyber crime is an ever-evolving issue that is increasing in severity every day. It is encouraging that the UK Government is treating this as a priority and putting concrete strategies in place to address this. We will continue to offer our assistance and work closely with the UK Government on these new initiatives in order to improve the UK’s ability to defend against modern cyber threats.

Link: Press release: Government celebrates cyber security successes in Manchester
Source: Gov Press Releases

Weekly Threat Report 10th November 2017

Dating apps may put users’ personal data at risk

Researchers at Kaspersky Labs report that several popular online dating apps suffer from vulnerabilities in securing personal data. Users may be at risk of being deanonymized with their locations trackable and personally identifiable information (PII) in danger of being intercepted. Attackers could use the data for a variety of malicious purposes.

Poor security during data transmission is a common problem. For example, some apps upload…

Link: Weekly Threat Report 10th November 2017
Source: NCSC Reports

Weekly Threat Report 21st July 2017

New SMB protocol exploit effective against most windows operating systems 

An EternalSynergy based exploit has now been developed which can compromise newer (unpatched) versions of Windows. The original ETERNALSYNERGY exploit released by The Shadow Brokers in April exploited an SMB protocol vulnerability, CVE-2017-0143, to allow attackers to inject code onto Windows machines but only worked on versions up to Windows 8.

A security researcher has now modified and upgraded ETERNALSYNERGY…

Link: Weekly Threat Report 21st July 2017
Source: NCSC Reports

Weekly Threat Report 24th March 2017

Yahoo breach indictments

The FBI has indicted four individuals for unauthorised access to Yahoo’s networks. According to the indictment, two were alleged cyber criminals and two were members of Russia’s Federal Security Service (FSB) who “conspired to protect, direct, facilitate and pay criminal hackers to collect information through computer intrusions in the USA and elsewhere”.

The intrusion into Yahoo’s networks, and the group’s subsequent exploitation…

Link: Weekly Threat Report 24th March 2017
Source: NCSC Reports

Weekly Threat Report 25th November 2016

ATMS in Europe targeted by cyber criminals

The cyber security firm, Group-IB, recently published a report on Cobalt, a suspected criminal group, that has been using a novel method to steal money from banks across Europe, including the UK, via ATMs.  According to Group-IB, Cobalt target banking organisations by using spear-phishing emails with malicious attachments that exploit software vulnerabilities. Once an attachment is opened the attackers can move through a bank’s network and…

Link: Weekly Threat Report 25th November 2016
Source: NCSC Reports

Weekly Threat Report 22nd December 2017

Ransomware fears cause companies to hoard Bitcoin

Companies are reportedly stockpiling cryptocurrencies to hedge against the possible need to pay off cyber criminals. Some firms are said to be investing in Bitcoin and Ethereum to ensure that they have cryptocurrency funds available if they are affected by a ransomware attack. A survey carried out earlier this year by Citrix found that 42% of companies surveyed were building cryptocurrency stockpiles for ransomware payments, with 28%…

Link: Weekly Threat Report 22nd December 2017
Source: NCSC Reports

Weekly Threat Report 20th April 2018

Cyber criminal groups identified on social media

Last week Facebook deleted around 120 private discussion groups – equating to more than 300,000 members – that were promoting a host of illicit cyber criminal activities, including spamming, selling stolen debit and credit account credentials, phony tax refunds, DDoS-for-hire services and botnet creation tools.

The groups had reportedly been operating on Facebook for an average of two years, although some had been in operation for up to nine…

Link: Weekly Threat Report 20th April 2018
Source: NCSC Reports