Welcome to the latest edition of the Neu Cyber Threats, a weekly series in which we bring attention to the latest cyber attacks, scams, frauds, malware including Ransomware and DDoS, in order to ensure you stay safe online.

Here are the most prominent threats which you should be aware of:

 

UK Ferry operator Wightlink flags potential data breach after cyber attack

The UK ferry operator Wightlink has been hit by a complex cyber attack that potentially compromised personal data belonging to a small number of customers and staff.

The attack occurred in February and affected specific back-office IT systems, and law enforcement has been notified, along with other breach victims.

While it was stated that they had taken appropriate measures to prevent issues like this, they were still affected by the attack, which shows that everyone can be at risk from cyber attacks.

Using the most straightforward methods such as MFA and training end-users to spot the different techniques of cyber attacks is a safe and relatively cheap way to provide a solid baseline for mitigating these threats.

Nearly half of UK employees duped by online security threats, says survey

New research has found that nearly half of employees, 42%, cannot spot a scam email pretending to be from the Royal Mail.

These findings have been released by OpenText Security Solutions and continue to highlight the lack of awareness surrounding common scams and cybersecurity threats.

Working from home has pushed criminal cyber activity to an all-time high, and despite this, many employees are still oblivious to the most common threats.

Survey findings have revealed that over a quarter of employees in the UK have never completed any cyber risk awareness training.

There is no point in investing in specialist cyber security software if your employees are still clicking on dangerous links and granting criminals access to your confidential data network. Employees need to be educated on the latest risk as soon as they are discovered.

Lapsus$ hacking group breached T-Mobile

The Lapsus$ hacking group managed to steal T-Mobile’s source code in a series of breaches in March. While the systems were said to have contained no customer or government information, or sensitive information, they managed to affect many people.

After purchasing employees’ credentials online, hackers could use internal company tools to perform SIM swaps and hijack customers’ numbers. This allows for an attacker to receive calls or texts to that number, which could include MFA texts.

The same hackers had also attempted to crack into the FBI and Department of Defence’s T-Mobile accounts, according to further data. Despite not being able to do so due to MFA, it is a stark reminder that these groups can pose serious threats.

To keep yourself protected from threats like this, make sure to train your end-users and turn on extra authentication methods to prevent single passwords from providing access to hackers.

If you are concerned about any cyber security issues within your business, contact us today on 01283 753 333 or email hello@neuways.com.