31 May 2019

IRM Weekly Cybersecurity Roundup: New Cyber Operations Centre for UK and more

Fancy getting the weekly roundup delivered straight to your inbox? Sign up to the IRM newsletter.

UK to spend £22 million to fund Cyber Operations Centre

The UK has unveiled plans to spend £22 million to fund a new Cyber Operations Centre to defend the nation against cyber-attacks and enabling the country to launch an offensive.

The Centre will work in close collaboration with national security and the army specialist information unit ’77 Brigade’. They will provide round the clock analysis to the army, dispelling misinformation and countering digital threats. Plans to use artificial intelligence with military analysts will help understand threats and get to the truth more rapidly.

The location of the Centre is yet to be confirmed, but officials have confirmed they expect the facility to be operational by 2020.

You can read more here.

Outlook diminishes for Equifax due to cyber-attack

In 2017, the consumer reporting agency company, Equifax, became victim to a huge breach that could have been prevented had they patched their Apache Struts open-source web server.

Two years on, they are still paying for their mistake. According to the Consumer News and Business Channel, Equifax find themselves suffering a slash in rating, going from ‘stable’ to ‘negative’ as classified by Moodys, an investors service rating system.

This is the first time a cybersecurity problem has been cited as the reason for a downgrade.

The cyber-attack itself led to a theft of 146 million user records from the US, Canada and United Kingdom. Details such as social security numbers, birth dates, home addresses, and partial driving license details were potentially taken.

You can read more here.

NSA faces questions after Baltimore ransomware attack

Politicians in Baltimore City were struck by a ransomware attack on the 7th May and they believe the National Security Agency helped make the breach possible.

Baltimore City Government has seen thousands of their computers frozen after their files became digitally scrambled by the malware known as ‘EternalBlue’. The cyber-hackers have demanded a Bitcoin ransom worth around $100,000 to unlock the hijacked files.

EternalBlue malware was stolen from the NSA in 2017 by cyber-hackers ‘Shadow Brokers’ but the NSA never confirmed exactly how the codes were stolen. Baltimore authorities have refused to pay the ransom.

You can read more here.

NCSC launches cybersecurity charity toolkit

The National Cyber Security Centre (NCSC) have developed a toolkit in partnership with the Charity Commission to advise charity board members on how to prevent cybercrime.

The initiative comes after the news that 65% of high-income charities recorded a cybersecurity incident in 2018. The CEO of the NCSC explained the importance of facilitating discussions between charities and technical experts to reduce malicious cyber incidents.

As well as a toolkit for large charities, they’ve produced a guide for smaller charities on practical steps to take to protect themselves from common crimes.

You can read more here.

Quick Fire Updates:

Ethical hacking – bug bounties: Intelligent computer users are taking advantage of websites which offer money for those who can find bugs or loopholes in its web code. This is exactly what happened to Mark Litchfield after finding a bug in one of Yahoo’s web codes. You can read more here.

95% drop in hacktivist attacks since 2015: The number of attacks from hacktivists has dropped significantly since the death of the hacktivist group ‘Anonymous’. You can read more here.

If you have any questions about this week’s roundup, or want to understand how you can improve your cybersecurity strategy, get in touch with IRM.