Search
Close this search box.

Become Cybersafe – 25th January

Table of Contents

[fusion_builder_container type=”flex” hundred_percent=”no” equal_height_columns=”no” hide_on_mobile=”small-visibility,medium-visibility,large-visibility” background_position=”center center” background_repeat=”no-repeat” fade=”no” background_parallax=”none” parallax_speed=”0.3″ video_aspect_ratio=”16:9″ video_loop=”yes” video_mute=”yes” border_style=”solid” margin_top=”1px” flex_align_items=”center” flex_justify_content=”flex-start”][fusion_builder_row][fusion_builder_column type=”1_1″ layout=”1_1″ background_position=”left top” border_style=”solid” border_position=”all” spacing=”yes” background_repeat=”no-repeat” margin_top=”0px” margin_bottom=”0px” animation_speed=”0.3″ animation_direction=”left” hide_on_mobile=”small-visibility,medium-visibility,large-visibility” center_content=”no” last=”true” hover_type=”none” first=”true” background_blend_mode=”overlay” min_height=”” link=””][fusion_text]

Welcome to the latest edition of the Cybersafe Cyber Threats Update, a weekly series in which we bring attention to the latest cyber attacks, scams, frauds, and malware including Ransomware, to ensure you stay safe online.

Here are the most prominent threats which you should be aware of:

A prominent UK water utility company has been the victim of a cyber attack

In the face of a recent cyber threat, Southern Water, a major UK water utility company, has become a victim of a ransomware attack orchestrated by the Black Basta group. The private entity, which operates in multiple regions of the UK, including Hampshire, the Isle of Wight, West Sussex, East Sussex, and Kent, providing water and wastewater services to a significant population, is now grappling with the aftermath of the breach.

The Black Basta ransomware group, known for its malicious activities, has claimed responsibility for the hack and included Southern Water in its list of victims on the Tor data leak site. The group has threatened to expose 750 gigabytes of sensitive data, including personal and corporate documents, on February 29, 2024. Screenshots posted by the hackers have revealed some Southern Water employees’ personal details, passports, and ID cards.

While the specific ransom amount demanded by the Black Basta group is currently undisclosed, the group typically follows a double-extortion attack model, pressuring victims to pay under the threat of exposing confidential information.

This breach follows recent revelations that identified a vulnerability in the encryption algorithm of Black Basta ransomware earlier this month. The researchers developed a free decryptor in response to the flaw, enabling some victims to recover their files.

Black Basta, active since April 2022, has amassed over $107 million in Bitcoin ransom payments. A joint study by Elliptic and Corvus Insurance has identified at least 329 victims, including well-known entities such as ABB, Capita, Dish Network, and Rheinmetall. Analysis of blockchain transactions suggests a connection between Black Basta and the now-discontinued Conti Group, with funds laundered through the Russian crypto exchange Garantex.

The ransomware’s encryption algorithm analysis indicates a weakness exploited around April 2023. Files below 5,000 bytes in size are deemed unrecoverable, while full recovery is possible for files between 5,000 bytes and 1GB. However, a recent fix implemented by Black Basta limits the effectiveness of the decryption technique, making it unusable for cyber attacks conducted after December 2023.

As a cyber security and IT support company in Derby, Neuways also discussed a story recently about a fencing company being the victim of a cyber attack. The fencing company seemed a random choice at first until it was found to be a supplier to a UK military base. These stories highlight the importance of all companies being tight on cyber security, as sometimes the initial victim is just a small part of a bigger plan.

Microsoft discloses a cyber attack from nation-state threat actor

Microsoft has disclosed a nation-state cyber attack on its corporate systems by Midnight Blizzard, a Russian state-sponsored actor. The attack, detected on January 12, 2024, utilised a password spray technique to compromise a non-production test tenant account in late November 2023.

This account was then used to access a limited number of Microsoft corporate email accounts, including those belonging to senior leadership, cyber security, legal, and other functions. The threat actor exfiltrated some emails and attached documents, primarily targeting information related to Midnight Blizzard.

It’s emphasised that the attack did not exploit vulnerabilities in Microsoft products or services, and there is no evidence of the threat actor accessing customer environments, production systems, source code, or AI systems. Microsoft is notifying affected employees and assures customers that they will be informed if any action is required.

The incident underscores the ongoing risk posed by well-resourced nation-state threat actors. Microsoft acknowledges the need to recalibrate the balance between cyber security and business risk, as announced in its Secure Future Initiative (SFI). Immediate actions include applying current security standards to Microsoft-owned legacy systems and internal business processes, even if it causes disruptions. This adjustment reflects a commitment to a faster and more proactive security approach.

While these changes may result in some disruption, Microsoft sees them as necessary steps to address the evolving threat landscape. The company is actively investigating the incident, collaborating with law enforcement and regulators, and remains committed to sharing insights and learnings with the community. Additional details will be provided as the investigation progresses.

Neuways operate as a Microsoft Modern Workplace Partner, meaning we are able to offer clients a gold standard service that sees businesses grow with software.

Government urges businesses to tighten up on Cyber Security


A newly proposed Code of Practice on cyber security governance, targeted at directors and senior leaders, emphasises the need for businesses to prioritise cyber security alongside financial and legal considerations.

Developed in collaboration with industry experts and the National Cyber Security Centre, the Code recommends clear roles and responsibilities, detailed incident response plans, and regular testing. With cyber attacks impacting nearly one in three firms, the government seeks feedback from business leaders to shape the future of cyber security in the UK. The Code aims to empower leaders in navigating cyber threats, safeguarding customers, and supporting the growth of the digital economy.

The government’s response to software resilience and security concerns includes proposals to enhance software development practices and communication within supply chains. The initiatives align with the £2.6 billion National Cyber Strategy, reinforcing the importance of cyber resilience for businesses and the overall economy.

If you are a business owner that knows that you need to tighten up cyber security within your business, please do contact Neuways. We offer Managed Cyber Security services, as well as IT support from our base in Derby. Our dedicated team is always on hand to deal with your queries.

—————————————————————————————————————————–

Contact Neuways for Network Security For Businesses

If you need any assistance with cyber security to become Cybersafe, then please contact Neuways and we will help you where we can. Just get in touch with our team today. We’re based in Derby but we work with clients all over the country and can travel for your needs.

[/fusion_text][/fusion_builder_column][/fusion_builder_row][/fusion_builder_container]

Want to keep up with our blog?

Get our most valuable tips right inside your inbox, once per month!

Latest IT News & Insights
Microsoft Dynamics 365 Business Central Main Product Mockup Showcase ERP
Why Business Central enhances and streamlines solutions
See how Microsoft Dynamics 365 Business Central enhances business solutions and streamlines the processes...
Read More
Neuways artificial intelligence
Artificial Intelligence: The Good, The Bad & The Ugly
AI is the Marmite of the IT world. Love it or hate it, the reality is it filters into our everyday lives...
Read More
Choose Neuways for your IT Support, Cyber Security and Business Central needs.
Cyber Security Acronyms Part 1: Neuways
We are helping clients to understand cyber security. We're making it easy for you, as we are jargon busting...
Read More
Password Manager and Security with neuways
Password Managers just became an even more important tool for Employees
The Government has brought in a ban on employees and manufacturers using default passwords.
Read More
Dark Web monitoring
What is the Dark Web?
Dark Web Monitoring identifies whether any of your company data (including login credentials and confidential...
Read More
Password Manager and Security with neuways
Password Security
Business Password Manager Tool Protect your remote workforce with Password Manager Tool, the business...
Read More
WatchGuard WiFi Security
WatchGuard User Services Platform – Simple, Secure and Intelligent WiFi
Why do Neuways partner with WatchGuard? Find out below to see how we improve the cyber security of your...
Read More
Endpoint Security
Endpoint Security
Protect your business with the best in Endpoint Security – How Neuways can help you Protect Your...
Read More

Frequently Asked Questions

Managed IT support is a comprehensive solution where an expert IT provider, like Neuways, handles your technology infrastructure. This includes proactive monitoring, maintenance, cyber security, and support.

Contact us

Support: 01283 753300

Business Development: 01283 753333

Purchasing: 01283 753322

Admin and Accounts: 01283 753311

Email: hello@neuways.com

Yes we do. Your business needs Cyber Security due to the increasing number of cyber threats that are affecting businesses in all industries. If your business has data and technology systems implemented, you will need Managed Cyber Security.

Yes we can. We have our own dedicated Microsoft Dynamics 365 Business Central teams who work to ensure that we can implement the right systems and solutions into your website that are absolute right for you. 

Got a question?

Reach out
& Connect

Please enable JavaScript in your browser to complete this form.
Name