Welcome to the latest edition of the Neu Cyber Threats, a weekly series in which we bring attention to the latest cyber attacks, scams, frauds, malware including Ransomware and DDoS, in order to ensure you stay safe online.

Here are the most prominent threats which you should be aware of:

 

Dropbox

Capita experienced a cyber incident impacting 365 applications.

On Friday 31st March, Capita plc (“Capita”) experienced a cyber incident primarily impacting access to internal applications. This caused disruption to some services provided to individual clients, though the majority of our client services remained in operation.
Our IT security monitoring capabilities swiftly alerted us to the incident, and we quickly invoked our established and practised technical crisis management protocols. Immediate steps were taken to successfully isolate and contain the issue. The issue was limited to parts of the Capita network and there is no evidence of customer, supplier or colleague data having been compromised.

Working in collaboration with our specialist technical partners, including the team of leading cybersecurity experts at Microsoft Incident Response, we have restored Capita colleague access to various systems, and we are making good progress restoring remaining client services in a secure and controlled manner.

The UK suffers more cyberattacks than any other European country

The UK suffered the most cyberattacks of any country in Europe in the last year according to new research, which shows the nation’s energy sector remains one of the most common targets for hackers. A national trend in underspending when it comes to cybersecurity may be to blame.

IBM’s X-Force Threat Intelligence Index report, released today, shows that the UK accounted for 43% of attacks observed in Europe over the past 12 months. The energy and finance sectors suffered the most breaches each suffering 16% of the UK’s cyberattacks in 2022.

UK suffers the most cyberattacks in Europe
Other countries in Europe trail in the UK’s wake. Germany came in at a not-very-close second with 14% of attacks, followed by Portugal at 9%, Italy at 8% and France at 7%.

IT vulnerabilities were by far the most common intrusion route into UK systems in 2022, almost double the average for the rest of Europe. According to the report, “last year, 50% of UK incidents were caused by exploitation of vulnerabilities, highlighting the need for stronger vulnerability management programs, including better understanding of attack surfaces and risk-based prioritisation of patches”.

Western Digital Hit by Network Security Breach – Critical Services Disrupted!

Data storage devices maker Western Digital on Monday disclosed a “network security incident” that involved unauthorized access to its systems.

The breach is said to have occurred on March 26, 2023, enabling an unnamed third party to gain access to a “number of the company’s systems.”

Following the discovery of the hack, Western Digital said it has initiated incident response efforts and enlisted the help of cybersecurity and forensic experts to conduct an investigation.

It also said it’s coordinating with law enforcement agencies on the matter, adding the probe is in its initial stages.

The company has taken several of its services offline, noting that the threat actor may have obtained “certain data from its systems” and that it’s working on estimating the nature and scope of the data accessed.

While Western Digital did not reveal the exact services that are impacted, the My Cloud status page shows that cloud, proxy, web, authentication, emails, and push notification services are down.

“Western Digital is currently experiencing a service outage impacting the following products: My Cloud, My Cloud Home, My Cloud Home Duo, My Cloud OS5, SanDisk ibi, SanDisk Ixpand Wireless Charger,” the company said in a message posted on April 2.

If you are concerned about any cyber security issues within your business, contact us today on 01283 753 333 or email hello@neuways.com.