26 April 2019

IRM Weekly Cybersecurity Roundup: Huawei and 5G and more

Fancy getting the weekly roundup delivered straight to your inbox? Sign up to the IRM newsletter.

Leaked information: Huawei given the OK from UK

Despite national security warnings, the UK Government has allowed Huawei to provide antennas and non-core infrastructure for the 5G network build-out across the United Kingdom.

Controversially, the decision was made at a NSC (National Security Council) meeting and has been leaked to the public.

The warnings come from a number of ministers who raised concerns about the decision, fearing the company could allow the Chinese Government to coerce the firm to install technological “back doors”. Doing this could allow China to spy on or disable Britain’s communications network.

Huawei deny having any illegal ties to the Chinese Government that aren’t legally obligated. The UK’s decision is likely to further strain relations with the US, who have banned Huawei from Government networks and urged others do to the same.

You can read more here.

Cyber-attacks on the rise for British firms in 2019

2019 has already shown a mass of cyber-attacks, but figures confirm that British firms have faced a rise of 55% cyber-attacks. This is up from 40% in 2018. A sharp increase of more than 60% of firms have reported being hit by a cyber-attack more than once, this is up from 45% in 2018.

Three quarters of these businesses were classed as ‘novices’ and have incorrectly felt they weren’t at risk. The average loss has also soared from these breaches from £176,000 to £320,000, an increase of 61%.

Since new regulations introducing tough new EU data protection rules have been put in place, eight in ten UK firms have taken action.

You can read more here.

Cybercrime gang ‘Silence’ targets banks in more regions

A cybercrime gang known as ‘Silence’ has been targeting banks and ATMs in Russia and other Eastern European countries, but is now expanding its attacks towards Western Europe and Asia.

Silence was first spotted in 2016 and has now netted at least $800,000 from ATM jack-potting or ‘cash out’ schemes. The group’s tactics are based on patience and careful target selection.

The main technique is “living off the land”, which entails the attackers using tools and commands already built into the operation system itself (such as Microsoft or Windows Script host).

They also use spear phishing to target victims and steal passwords and other credentials to gain entry into a network. The emails typically contain a malicious Microsoft Word document or a Microsoft-compiled html help – aka CHM – file that gets sent to bank employees with the goal of tricking them into clicking on a link.

Security researchers believe Silence will continue to refine its tactics and update its custom tool set for their expansion into Weston Europe and Asia.

You can read more here.

Cybersecurity organisations clarify their roles dealing with cyber-attacks

The National Cyber Security Centre (NCSC) and the Information Commissioner’s Office (ICO) have taken steps to make it easier for organisations to know which authority to go to if they are a cyber-attack victim.

The NCSC manages cyber incidents of national importance, helping with the response and learning lessons to help deter future attacks. In comparison, the ICO is the independent regulator for the enforcement of data protection rules and is the authority to be notified when organisations suffer a cyber-attack.

The agreement has clarified that the ICO’s role will be to establish circumstances of the incident, making sure that the organisations have adequately protected any personal data put at risk. Meanwhile, the NCSC has agreed to engage directly with victims and to provide free and confidential advice.

Both organisations will share anonymised information with each other, while respecting each other’s remits and responsibilities.

You can read more here.

Quick Fire Updates:

Ex-partner stalked and hacked into partner’s Facebook and webcam: Former British Gas engineer Mark Wellings hacked into his ex-girlfriend of two months Facebook and home webcam after their split. Read more here.

ASUS hackers snuck malware into video games: Just weeks after revealing the ASUS incident, the same hackers appear to have corrupted versions of the Microsoft Visual Studio development tool, which three different video game companies used in their own development. Read more here.

A new free online tool to help local authorities and emergency services in cyber: The ‘Exercise in a Box’ is a new online tool for local authorities, emergency services and small businesses with a range of real-life scenarios based on common cyber threats facing the country. Read more here.

To receive this blog direct to your inbox every week, sign up to our newsletter.

If you have any questions about this week’s roundup, or want to understand how you can improve your cybersecurity strategy, get in touch with IRM.