Search
Close this search box.

Be Cybersafe – 4th January

Table of Contents

Welcome to the latest edition of the Cybersafe Cyber Threats, a weekly series in which we bring attention to the latest cyber attacks, scams, frauds, and malware including Ransomware, to ensure you stay safe online.

Here are the most prominent threats which you should be aware of:

Institution still struggling with after effects of ransomware attack months later

A database containing sensitive data used by businesses, employees and working individuals was breached several months ago. The data held by the database is valuable to a variety of businesses and employees. And more importantly, the British Library is still grappling with the aftermath of the major ransomware attack, leading to disruptions in its services that could persist for several months. The attack, claimed by the Rhysida ransomware group, impacted the library’s website, online systems, and on-site services, including Wi-Fi and electronic payments. Internal data from the HR department was also compromised. It could easily be called a business disaster.

How did the ransomware attack occur?

The attackers demanded a ransom of 20 Bitcoin (approximately £587,202) and threatened to publish the stolen data if not paid within six days. The library’s CEO, Sir Roly Keating, mentioned in a blog post recently released, that significant damage was done, and it will take time to fully restore operations. The forensic investigation is ongoing, with at least 600 gigabytes of internal data stolen. The cyber gang that managed to steal this data have almost caused a business disaster for the Library, but cyber security experts are helping them manage it.

What was stolen by the cyber criminals?

The popular EThOS collection of doctoral theses, among other services, is currently unavailable. The British Library is collaborating with law enforcement and cyber security experts, planning a phased return of key services starting in January, and reinforcing its security infrastructure to prevent future incidents.

Database holding sensitive company information

A reported data breach has affected Crunchbase, a platform providing extensive company information, with an unknown cyber criminal gaining access to and disclosing a substantial amount of scraped data. The breach raises concerns for 3.1 million companies and 1.2 million users on the platform. There is also data that is mainly contained in the UK but also on a global basis.

What data has been stolen in the cyber attack?

The exposed information includes contact details, social media accounts, locations, and organisational hierarchies, posing a risk for large-scale spear phishing attacks and supporting social engineering strategies. Given Crunchbase’s role as a repository for comprehensive business insights, including investment details and leadership profiles, the breach could potentially reveal sensitive information about employees and company funding.

What is the company doing to recover the data?

The data scrape was organised and acted upon by a dark web threat actor, sharing a downloadable CSV file with extensive company and user details. Despite attempts to verify the breach with Crunchbase, the organisation has not issued an official statement, leaving concerns about information security on the platform pending an official response.

There are many facets and methods used to thwart a cyber attack, but if it cannot be stopped or goes undetected, the response of a company also matters. That is where the Neuways Cybersafe framework can help. It assists companies to help recover data without it being leaked and paying a ransom.

More information comes to light about cyber attacks on politicians

 

In a recent cyber attack, Russian hackers linked to the “Star Blizzard” group associated with the FSB Centre 18 used spear-phishing techniques to compromise private conversations of high-profile UK politicians and civil servants. The Foreign Office has summoned the Russian ambassador and imposed sanctions on a Russian intelligence officer and a group member.

Who was the target of a cyber attack?

The targeted individuals include MPs, Lords, civil servants, and journalists, with attempts to influence UK politics. However, all employees at businesses need to be vigilant. The sophisticated attacks involved thorough research, preparation, and impersonation of contacts. There are concerns about potential interference in the upcoming election year. The attacks, dating back to 2015, have targeted individuals and organisations, resulting in leaked and amplified information.

What are the recommended steps for cyber security measures?

While some information has been released, a substantial amount remains at the hackers’ disposal, raising worries about future disclosures timed with the UK’s general election. Sanctions have been imposed, and the UK government is working to expose Russian covert cyber activity and ensure accountability. The incident highlights the natural and severe threats posed by Russian intelligence services, emphasising the need for enhanced cyber security measures in the face of evolving tactics by state-sponsored hackers.

—————————————————————————————————————————–

Contact Neuways to help your business become Cybersafe

If you need any assistance with cyber security to become Cybersafe, then please contact Neuways and we will help you where we can. Just get in touch with our team today.

Want to keep up with our blog?

Get our most valuable tips right inside your inbox, once per month!

Latest IT News & Insights
Microsoft Dynamics 365 Business Central Main Product Mockup Showcase ERP
Why Business Central enhances and streamlines solutions
See how Microsoft Dynamics 365 Business Central enhances business solutions and streamlines the processes...
Read More
Neuways artificial intelligence
Artificial Intelligence: The Good, The Bad & The Ugly
AI is the Marmite of the IT world. Love it or hate it, the reality is it filters into our everyday lives...
Read More
Choose Neuways for your IT Support, Cyber Security and Business Central needs.
Cyber Security Acronyms Part 1: Neuways
We are helping clients to understand cyber security. We're making it easy for you, as we are jargon busting...
Read More
Password Manager and Security with neuways
Password Managers just became an even more important tool for Employees
The Government has brought in a ban on employees and manufacturers using default passwords.
Read More
Dark Web monitoring
What is the Dark Web?
Dark Web Monitoring identifies whether any of your company data (including login credentials and confidential...
Read More
Password Manager and Security with neuways
Password Security
Business Password Manager Tool Protect your remote workforce with Password Manager Tool, the business...
Read More
WatchGuard WiFi Security
WatchGuard User Services Platform – Simple, Secure and Intelligent WiFi
Why do Neuways partner with WatchGuard? Find out below to see how we improve the cyber security of your...
Read More
Endpoint Security
Endpoint Security
Protect your business with the best in Endpoint Security – How Neuways can help you Protect Your...
Read More

Frequently Asked Questions

Managed IT support is a comprehensive solution where an expert IT provider, like Neuways, handles your technology infrastructure. This includes proactive monitoring, maintenance, cyber security, and support.

Contact us

Support: 01283 753300

Business Development: 01283 753333

Purchasing: 01283 753322

Admin and Accounts: 01283 753311

Email: hello@neuways.com

Yes we do. Your business needs Cyber Security due to the increasing number of cyber threats that are affecting businesses in all industries. If your business has data and technology systems implemented, you will need Managed Cyber Security.

Yes we can. We have our own dedicated Microsoft Dynamics 365 Business Central teams who work to ensure that we can implement the right systems and solutions into your website that are absolute right for you. 

Got a question?

Reach out
& Connect

Please enable JavaScript in your browser to complete this form.
Name