Two pieces of upcoming legislation are set to transform the cyber strategies of companies in certain sectors. Immediate reporting of significant cyber-attacks is soon to be mandatory and making ransomware payments may soon be outlawed.
Carmaker Jaguar Land Rover (JLR) has shut down its systems after suffering a cyber-attack. The group claiming responsibility for the attack, The Com, also referred to as Scattered Spider, is a loosely affiliated online community of predominantly teenage English-speaking hackers based in the UK and the US.
The UK government has announced its plans to invest in digital and artificial intelligence (AI) in public services, including the NHS, aiming to build strong technology foundations and tackle urgent cybersecurity risks.
The UK government is issuing a warning this week to all companies to make cybersecurity an “absolute priority”, following recent cyberattacks on retailers Marks & Spencer, Harrods, and the Co-op. UK cabinet office minister Pat McFadden is reported to have held a briefing last week with national security officials and the CEO of the National Cyber Security Centre, Richard Horne, aimed at providing support to the three retail groups.
The UK retailers, Marks & Spencer, Harrods and the Co-Op, who have been hit by a flurry of cyber-attacks over the last two weeks, have immediately experienced a loss in consumer and investor confidence.
The UK Ministry of Defence (MoD) has egg all over its face following its admission that over 269 of its phones went missing between January 1 and February 27. This is a record number, even for the MoD, which lost 262 phones in total in 2023 and 2024.
The astonishing total of how many phones were recorded as lost, misplaced or stolen in the first two months of this year only came to light in response to a question asked in the UK parliament by the shadow defence secretary, James Cartlidge. The fact that a security-conscious organization such as the MoD could lose track of so many devices only evidences the increasing overlap between cybersecurity and physical security. Once a device such as a smartphone is in the hands of a threat actor, it can provide a portal to enable all kinds of cyber-attacks.
The Dutch Police, Politie, claim to have removed a major threat to organizations all over the world by dismantling two of the most notorious ‘infostealers’, software designed to breach computer systems to steal sensitive information.
“Operation Magnus,” conducted in collaboration with Team Cybercrime Limburg, is reported to have taken down the Redline and META info stealers, which have been responsible for infecting millions of computers worldwide with malware, leaving them open to devastating ransomware attacks and other threats.
A massive ransomware attack cost the Sri Lankan government four months of data and spread to UK government offices, including the Cabinet Office.
The world’s most-wanted cybercriminal, Russia’s Mikhail Matveev, who already has a $10 million dollar bounty issued by the FBI, is believed to be behind the recent theft of thousands of documents stolen from the UK’s Ministry of Defence (MoD). While authorities are intent on taking him down, his reign of terror shows no signs of stopping.
In today’s roundup; Russian threat actors target the Ukranian Military, browser-hacking malware found on the phones of Xiaomi users, and a LockBit data leak.
The UK Foreign Office’s culture of secrecy kept the details of the extent of a 2021 breach that endangered its staff and allies until now.
Tony Glover
