Tag: national cyber security centre
Cybercriminals crack MFA defenses
Cybercriminals are now using social engineering techniques developed to crack passwords to break through multi-factor authentication (MFA) defenses, such as sending a code to another device, such as the user’s smartphone. According to the UK’s National Cyber Security Centre (NCSC) report, Not all types of MFA are created equal...: “Attackers have realized that many of the same social engineering techniques that tricked us into handing over passwords can also be updated to overcome some methods of MFA. We’ve seen the success of attacks against MFA-protected accounts increasing over the past couple of years.”
US and UK call time on Silicon Valley
A clarion call has gone out on both sides of the Atlantic for digital technologies to be made secure by design rather than by default. At San Francisco’s RSA cyber conference earlier this month, Jen Easterly, the director of CISA, the US Cyber Defense Agency, called for software to be made far more secure. This week, Ollie Whitehouse, the CTO of the NCSC, the UK’s National Cyber Security Centre, also echoed her thoughts, demanding that the technology industry make its products more cyber-secure from the start.
‘INC Ransom’ Group Threatens to Release NHS Data – March 28th
The 'INC Ransom' ransomware group publicly threatened to release three terabytes of NHS Scotland sensitive patient and staff data, after publishing a smaller sample size proving the viability of the threat. NHS Dumfries and Galloway's efforts to prevent the attack from being repeated are underway in collaboration with Police Scotland and the National Cyber Security Centre (NCSC).
The UK Warns on AI-Generated Malware from Nation-States – January 25th
According to the UK's National Cyber Security Centre (NCSC), AI-generated malware built to avoid detection could be a serious threat inflicted by nation-state threat actors this year. The NCSC further stated that based on their investigations, they believe nation-state groups hold repositories of malware large enough to effectively train an AI model to bolster ransomware attack capabilities.
Russian Campaign Targeting UK Politics Exposed – December 8th
The National Cyber Security Centre (NCSC) in collaboration with partners from the US, Australia, Canada, and New Zealand revealed the Russian-state-backed threat actors terrorizing UK political systems. The NCSC identified the group 'Star Blizzard' to be a subordinate to Centre 18 from the Russian Federal Security Service (FSB). Star Blizzard targeted UK parliamentarians, UK-US trade documents, UK think tanks, universities, journalists, and NGOs using various sophisticated phishing tactics.
Convicted Russian Pleads Guilty to Ransomware Attacks – December 5th
The Department of Justice announced that the Russian national behind the malware tool Trickbot, used to launch ransomware attacks on American hospitals, pleaded guilty to his role in the malware tool's development. Trickbot was used to facilitate ransomware attacks on a string of American hospitals and health systems, disrupting care delivery and risking patient safety.