- Security TWENTY
- Women in Security
Criminals are launching more online attacks on UK businesses than ever, say UK police and cyber authorities in a report to mark the start a cyber security conference.
The National Cyber Security Centre (NCSC), which is part of the Government intelligence agency GCHQ, is hosting specialists from across UK Government, industry and law enforcement to their flagship, three-day CYBERUK 2018 event in the Manchester Central Convention Complex.
‘The Cyber Threat to UK Business’, jointly authored by the NCSC and the National Crime Agency (NCA, which hosts the National Cyber Crime Unit) with industry partners, covers ransomware such as last May’s Wannacry attack; and distributed denial of service attacks; data breaches and supply chain compromises; fake news stories and ‘information operations’ which can cause embarrassment and reputational damage; and business email compromise fraud. The report details some of the biggest cyber attacks from the last year and notes that risks to UK businesses continue to grow. Emerging threats are also highlighted, such as theft from cloud storage and crypto-jacking, in which computers are hijacked to create crypto-currencies such as bitcoin.
The 15-page report acknowledges that a basic cyber security posture is no longer enough and most attacks will be defeated by organisations which prioritise cyber security and work closely with government and law enforcement.
Ciaran Martin, Chief Executive of the NCSC, said: “We are fortunate to be able to draw on the cyber crime fighting expertise of our law enforcement colleagues in the National Crime Agency. This joint report brings together the combined expertise of the NCA and the NCSC. The key to better cyber security is understanding the problem and taking practical steps to reduce risk.
“This report sets out to explain what terms like cryptojacking and ransomware really mean for businesses and citizens, and using case studies, shows what can happen when the right protections aren’t in place.”
And Donald Toon, director of the NCA’s Prosperity Command, said: “UK business faces a cyber threat which is growing in scale and complexity. Organisations which don’t take cyber security extremely seriously in the next year are risking serious financial and reputational consequences. By increasing collaboration between law enforcement, government and industry we will make sure the UK is a safe place to do business and hostile zone for cyber criminals. Full and early reporting of cyber crime to Action Fraud will be essential to our efforts.”
To download the report visit https://www.ncsc.gov.uk/cyberthreat.
Today’s CYBERUK 2018 sessions include the Bank of England’s Chief Operating Officer Joanna Place giving advice on engaging boards on cyber security and the ICO’s Deputy Commissioner James Dipple-Johnson updating on the impending GDPR (general data protection regulation).
David Emm, Principal Security Researcher at the cyber product company Kaspersky Lab said in light of the NCSC findings, it simply comes down to being prepared – and there are several steps that businesses should take to arm themselves against threats. “Although businesses have no direct control over the growth of cybercrime, by taking simple steps to secure their internal systems, they can reduce their exposure to attack.”
And Gary Cox, Technology Director for Western Europe at Infoblox, said: “This news should serve as yet another nudge for businesses to ensure they are regularly conducting reviews of their cybersecurity policies, processes and tooling to keep up with the rapidly growing cyberthreat landscape. Organisations need to make sure they have a proactive strategy in place, moving from defensive strategies to offensive; from detection to prevention. Using datasets such as newly observed domain feeds and technologies like machine learning can help identify potential risks and threats, and make it easier for organisations to spot unusual activity on their networks as soon as it appears. Approaches like this can help organisations to become as agile and as fast as the cybercriminals we are fighting against.”