Search
Close this search box.

Cyber Threats Review 2023 – 21st December

Table of Contents

[fusion_builder_container type=”flex” hundred_percent=”no” equal_height_columns=”no” hide_on_mobile=”small-visibility,medium-visibility,large-visibility” background_position=”center center” background_repeat=”no-repeat” fade=”no” background_parallax=”none” parallax_speed=”0.3″ video_aspect_ratio=”16:9″ video_loop=”yes” video_mute=”yes” border_style=”solid” margin_top=”1px” flex_align_items=”center” flex_justify_content=”flex-start”][fusion_builder_row][fusion_builder_column type=”1_1″ type=”1_1″ layout=”1_1″ background_position=”left top” border_style=”solid” border_position=”all” spacing=”yes” background_repeat=”no-repeat” margin_top=”0px” margin_bottom=”0px” animation_speed=”0.3″ animation_direction=”left” hide_on_mobile=”small-visibility,medium-visibility,large-visibility” center_content=”no” last=”true” hover_type=”none” first=”true” background_blend_mode=”overlay” min_height=”” link=””][fusion_text]

Welcome to the latest edition of the Cybersafe Cyber Threats, a weekly series in which we bring attention to the latest cyber attacks, scams, frauds, and malware including Ransomware, to ensure you stay safe online.

This week, we are sharing the cyber attacks which had the most impact on businesses throughout 2023. If you listen to our podcast, you will also be able to hear the team discuss these attacks in more detail, as they list and explain which factors have contributed to derailing some of our country’s largest organisations and institutions. By keeping up with these threats you are likely to be able to implement the right protocols to enhance cyber security for businesses around the world.


Royal Mail Cyber Attack – Still paying for it

In January 2023, Royal Mail experienced a significant cyber attack when it fell victim to the LockBit ransomware, a group associated with Russian criminals. The attackers demanded a substantial ransom for the decryption key, but Royal Mail refused to comply. Consequently, the hackers threatened to publish the stolen and encrypted data online. The ransomware severely disrupted international deliveries, prompting the organisation to advise customers to seek alternative carriers.

The attack persisted for weeks and impacted Royal Mail’s computer systems for dispatching international deliveries. The ransom note indicated a demand in the millions, emphasising the seriousness of the situation. As a crucial part of the UK’s infrastructure, Royal Mail’s inability to send overseas letters and parcels had broader implications, affecting domestic and international communications and businesses.

Ransomware attacks pose an ongoing threat globally, and this incident underscored the vulnerability of critical national infrastructure to such cyber threats. The investigation revealed the LockBit ransomware’s solid Russian connections, though the actual perpetrator’s location remained uncertain.

The National Crime Agency, in collaboration with the National Cyber Security Centre, worked to understand the attack’s impact. Despite efforts to address the issue, Royal Mail continued to experience delivery disruptions, adding to the organisation’s challenges in recent months, including strikes by postal workers over pay and conditions.

If you listen to the Neuways Cybersafe podcast, we are able to help C-suite level executives implement their own cyber security for businesses. Our advice, tips and easy-to-understand overview and analysis of Cyber Security helps clients and business owners to better understand cyber security.

Cyber-attack on UK’s electoral registers revealed

In August 2023, the UK Electoral Commission disclosed a significant cyber attack involving “hostile actors” who gained access to the electoral registers, compromising the personal information of approximately 40 million individuals. The breach included unauthorised access to servers containing emails, control systems, and reference copies of electoral registers from 2014 to 2022, affecting both domestic and overseas voters. The compromised data encompassed names, email addresses, home addresses, telephone numbers, and additional personal information submitted via web forms or emails.

The Electoral Commission, having failed a Cyber Essentials audit around the time of the attack, revealed the incident publicly in August 2023. Despite the breach being discovered in October 2022, the commission delayed disclosure to secure systems, assessed the extent of the incident and implemented enhanced security measures. The attack, described as “very sophisticated,” did not impact election outcomes or alter registration statuses. While the accessed personal data did not pose a high individual risk, there were concerns about potential profiling combined with other public information.

The commission undertook steps to fortify its systems against future cyber attacks, updating login requirements, alert procedures, and firewall policies. The Information Commissioner’s Office initiated an urgent investigation into the data breach, emphasising the need for a comprehensive inquiry. Analysts highlighted the seriousness of the violation, emphasising the attackers’ patient and skilled approach, indicative of a probing operation seeking vulnerabilities in the UK’s democratic process. The incident raised concerns about the security of electoral systems and reinforced arguments against adopting e-voting in favour of traditional pen-and-paper methods.

Interested in making your business less vulnerable to cyber security threats? Become Cybersafe and implement cyber security for businesses with Neuways.

Threat actors compromised MGM Resorts

In September 2023, MGM Resorts International experienced a devastating cyber attack orchestrated by a criminal group known as Scattered Spider (aka Roasted 0ktapus, UNC3944, or Storm-0875). The attack, executed through a sophisticated social engineering tactic, resulted in MGM Resorts shutting down its operations temporarily. As a global hospitality and entertainment giant with a $110 million (£89.6 million) impact, MGM Resorts’ scale far surpassed that of small and medium-sized businesses.

The attackers, affiliated with AlphV, claimed to have compromised MGM Resorts’ Okta environment and infiltrated the Okta Agent servers. They exploited this access to identify vulnerable passwords, forcing MGM Resorts to shut down its Okta servers. The threat actors also boasted about possessing super administrator privileges in the company’s Azure tenant.

AlphV, suspected of collaborating with Scattered Spider, had previously targeted Caesars Entertainment, a rival Las Vegas hotel and gaming company, in a social engineering attack that led to the theft of customer data. This incident follows a trend revealed by Okta, which had disclosed similar social engineering attacks just two weeks prior.

To protect against social engineering attacks, businesses must be vigilant in recognising phishing attempts, implement robust multifactor authentication (MFA), and educate employees about potential threats. Okta, the service provider affected in this attack, emphasised that while there was no compromise of its systems, it was actively assisting MGM Resorts in restoring normal operations.

The Cyber security and Infrastructure Security Agency (CISA) confirmed its collaboration with MGM Resorts to address the incident. At the same time, researchers from Mandiant revealed that Scattered Spider often employs SMS phishing techniques to target help desks and manipulate multifactor authentication.

In response to the evolving threat landscape, organisations are urged to stay informed about mitigation recommendations provided by cyber security experts at Neuways and remain proactive in securing their systems against social engineering tactics, which continue to pose a significant risk to businesses of all sizes. Become Cybersafe with Neuways.

—————————————————————————————————————————–

Contact Neuways to help your business become

Cybersafe

If you need any assistance with cyber security to become Cybersafe, then please contact Neuways and we will help you where we can. Just get in touch with our team today.

[/fusion_text][/fusion_builder_column][/fusion_builder_row][/fusion_builder_container]

Want to keep up with our blog?

Get our most valuable tips right inside your inbox, once per month!

Latest IT News & Insights
Microsoft Dynamics 365 Business Central Main Product Mockup Showcase ERP
Why Business Central enhances and streamlines solutions
See how Microsoft Dynamics 365 Business Central enhances business solutions and streamlines the processes...
Read More
Neuways artificial intelligence
Artificial Intelligence: The Good, The Bad & The Ugly
AI is the Marmite of the IT world. Love it or hate it, the reality is it filters into our everyday lives...
Read More
Choose Neuways for your IT Support, Cyber Security and Business Central needs.
Cyber Security Acronyms Part 1: Neuways
We are helping clients to understand cyber security. We're making it easy for you, as we are jargon busting...
Read More
Password Manager and Security with neuways
Password Managers just became an even more important tool for Employees
The Government has brought in a ban on employees and manufacturers using default passwords.
Read More
Dark Web monitoring
What is the Dark Web?
Dark Web Monitoring identifies whether any of your company data (including login credentials and confidential...
Read More
Password Manager and Security with neuways
Password Security
Business Password Manager Tool Protect your remote workforce with Password Manager Tool, the business...
Read More
WatchGuard WiFi Security
WatchGuard User Services Platform – Simple, Secure and Intelligent WiFi
Why do Neuways partner with WatchGuard? Find out below to see how we improve the cyber security of your...
Read More
Endpoint Security
Endpoint Security
Protect your business with the best in Endpoint Security – How Neuways can help you Protect Your...
Read More

Frequently Asked Questions

Managed IT support is a comprehensive solution where an expert IT provider, like Neuways, handles your technology infrastructure. This includes proactive monitoring, maintenance, cyber security, and support.

Contact us

Support: 01283 753300

Business Development: 01283 753333

Purchasing: 01283 753322

Admin and Accounts: 01283 753311

Email: hello@neuways.com

Yes we do. Your business needs Cyber Security due to the increasing number of cyber threats that are affecting businesses in all industries. If your business has data and technology systems implemented, you will need Managed Cyber Security.

Yes we can. We have our own dedicated Microsoft Dynamics 365 Business Central teams who work to ensure that we can implement the right systems and solutions into your website that are absolute right for you. 

Got a question?

Reach out
& Connect

Please enable JavaScript in your browser to complete this form.
Name