A spokesperson for the National Cyber Security Centre said:
“We are aware of a cyber incident and we are working with NHS Digital and the National Crime Agency to investigate.”
Advice on protecting yourself from ransomware is available here.
UPDATE
A statement from the NCSC on the international cyber incident can be read here.
Link: NHS Alert
Source: NCSC Alerts
Cyber-enabled theft from Taiwanese bank
On 5th October 2017 Taiwan’s Far Eastern International Bank (FEIB) reported that it had fallen victim to a cyber-enabled theft. It is not yet known how much the attackers attempted to steal, but open source reports this figure could be as high as 60 million USD. FEIB states that, owing to errors by the criminals in their SWIFT[1] messaging configuration and efforts to recover the stolen money, estimated losses are less than 500,000 USD…
Link: Weekly Threat Report 13th October 2017
Source: NCSC Reports
Fake airline websites distributed by social media
Scammers are using the brands of major global airlines to lure users to fake websites and then encourage them to share links to the sites with friends. When a user clicks through to the sites they are prompted to answer a few simple questions and provide personal information to get free flights. Once they give away their name, email, phone, date of birth and address they are then told they will receive the flights, only once they ‘like…
Link: Weekly Threat Report 23rd June 2017
Source: NCSC Reports
Drone-enabled hacking
An organisation’s most sensitive information is often stored on ‘air-gapped’ computers, which are physically separated from the internet. The lack of a connection protects them from most external attackers, and even if the machine is infected with malware, the data is difficult to exfiltrate.
An Israeli researcher has demonstrated a new technique for transmitting information out of air-gapped computers, using malware to force LEDs to flash in a…
Link: Weekly Threat Report 3rd March 2017
Source: NCSC Reports
Malware-infected ATMs compromise Indian debit cards
Indian media have reported that 3.2 million debit cards may have been compromised by ATM malware in what has been described as the “biggest ever cyber security breach” in the Indian banking sector. The Economic Times reported that debit cards belonging to large banks such as the State Bank of India (SBI), HDFC Bank, Yes Bank and ICICI Bank may have been compromised.
Although some reports indicate that the breach may have…
Link: Weekly Threat Report 28th October 2016
Source: NCSC Reports
Two-factor authentication usage
Open source reports quote remarks made by a Google software engineer who revealed at a recent security conference that fewer than 10 per cent of Gmail users enabled Two-Factor Authentication (2FA).
The benefit of 2FA is that it provides an extra layer of security. The user has to provide standard login details of a password and username and also something that only that user has access to. This might be a physical token, keyfob device,…
Link: Weekly Threat Report 25th January 2018
Source: NCSC Reports
It’s not just production that needs securing
Most large companies will use an online development environment to build and test code prior to deployment on outward and inward facing networks.
Much of the code found in development environments is sensitive and critical to running and managing a business. The unauthorised disclosure of code could allow cyber actors to identify exploitable weaknesses.
Recent open source reporting has highlighted a compromise of a company’s…
Link: Weekly Threat Report 18th May 2018
Source: NCSC Reports
We are aware of reports that some customers of TalkTalk are suffering problems with their home routers. We have been in contact with the company who are working to resolve the problem. We will continue to monitor the situation and will provide an update if required.
TalkTalk are offering help and support on their website.
Link: TalkTalk Alert
Source: NCSC Alerts
Whole Foods Market credit card data breach
Whole Foods Market, a US-headquartered supermarket with a small UK presence, has reported it is investigating a credit card breach. The store warned of unauthorised access to the credit card data of customers using restaurants and ‘tap rooms’ in its stores. The cards used by customers at store checkouts are not thought to have been affected. Investigations are still underway; however, it is likely the card data was acquired through…
Link: Weekly Threat Report 6th October 2017
Source: NCSC Reports
Mouseover malware masquerading in Powerpoint files
According to media reports, a new method of delivering malware has surfaced. ‘Zusy’ malware, according to IT company ExtremeTech, is a banking trojan whose intention is to steal credentials. The reports suggest that simply hovering your mouse over a link will lead to infection without requiring you to click on anything. However, several stages are required to successfully infect a user.
What is interesting about this malware is that the…
Link: Weekly Threat Report 16th June 2017
Source: NCSC Reports
