Major life-threatening cyber attack on UK ‘in little doubt’ in near future warns security chief.
The National Cyber Security Centre (NCSC), part of GCHQ, warns that a life-threatening incident will almost inevitably strike the UK in the near future. Over the last 12 months they have handled over 557 attacks by groups of hackers who are directed, sponsored or tolerated by governments of countries hostile to the UK and they are the most acute and direct cyber threat to our national security. None were category 1, a strike with potential risk to life, but the NCSC warned that this is likely. Last year’s category 2 attack on the NHS affected 80 out of the 236 hospital trusts as well as 595 GP practices, and cost the NHS £92 million.
With cyber security threats continuing to escalate worldwide, the ISACA/CMMI Institute Cybersecurity Culture Report found that only 5% of employees think their organisation’s cyber security culture is as advanced as it needs to be to protect their business from internal and external threats. More than 4,800 business and technology professionals shared their insights in the global research study, conducted via online polling in June 2018 and the results were issued this week. 9 in 10 companies report gaps between the cyber security culture they have, and the one they want. 42% do not have an outlined cyber security culture management plan or policy.
The NCSC also monitors and defends the UK against ‘high volume commodity attacks’ such as phishing emails designed to fool people into installing malware on their devices and in the year up to August 18 they removed 138,389 phishing sites hosted in the UK.
These phishing emails are becoming increasingly sophisticated to fool victims into giving their details or more recently opening pdfs. In one recent case, a user downloaded a document that seemingly offered information on upcoming releases from a major media streaming site. The document had a macro enabled that opened the file as expected, so the user was completely unaware that it had also installed a rogue application to upload and download files on demand. This particular file was able to avoid detection for a long time by limiting its core functionality to avoid detection. Hackers can then establish a persistent foothold on a network, and take their time to conduct network reconnaissance, sourcing other users to target on the network and also accessing sensitive documents stored in cloud-based services.
Companies must therefore develop and nurture a cyber security culture across the whole business, not just within their IT teams.