In recent weeks, a number of UK schools have been targeted by cybercriminals, with some serious incidents underlining the need for comprehensive cyber defenses. But what are the implications, and how worrying is the threat?

‍

Recently Microsoft released a series of patches, addressing several vulnerabilities present within its software. In addition to this it has also published guidance on addressing an Office and Windows HTML remote code vulnerability known as CVE-2023-36884.

‍

The global ransomware surge continues. Since May, Colonial Pipeline in the U.S. is reported to have paid $4.4 million to attackers in order to get its infrastructure restarted...

‍

In the run-up to Christmas, consumers have once again been urged to be cautious when making purchases online. Every digital shopper faces a variety of cybercrime risks, from fake websites to a burst of seasonal phishing emails, as cybercriminals look to profit from seasonal spending.

‍

Following a recent ransomware incident, some of the UK’s favourite snack brands – including KP Nuts, McCoy’s, Tyrrells, Skips and Hula Hoops – could be in short supply in the weeks ahead.

‍

Described by Europol and many others across the cybersecurity ecosystem as “the world’s most dangerous malware”, ‘Emotet’ is a trojan that first appeared in 2014 and is delivered by infected email attachments or links

‍

The recent ‘Five Eyes’ intelligence agencies from the US, UK, Canada, Australia and New Zealand updated mitigation advice in response to Russian state-sponsored and criminal cyber threats.

‍

Emotet – the ‘world’s most dangerous malware’ – is an infamous trojan delivered via infected files or links that can auto-execute on devices without any user interaction.

‍

The attack last year on Colonial Pipeline, a vital component of the US petroleum network, severely damaged the company’s operations, causing it to halt distribution of 2.5 million barrels of fuel per day across its 5,500 miles of pipe system.

‍

In a recently-published joint letter to the Law Society and Bar Council, the UK’s Information Commissioner’s Office (ICO) and National Cyber Security Centre (NCSC) has urged lawyers not to make ransomware payments on behalf of clients disrupted by attacks.

‍

Digital files are critical to any organization. They enhance productivity, aid learning and boost collaboration. However, they are the Achilles heel of most organizations’ cybersecurity defenses.

‍

As part of a series of Q&A discussions with senior security leaders, we spoke to Pete Gibson, former Chief Information Officer at Friendly’s Restaurant, whose responsibilities include protecting its 130 outlets across the U.S.

‍

Axie Infinity – a blockchain-powered online game with over a million daily users worldwide – recently lost over $620 million in cryptocurrency following a security breach in which hackers used files infected with malware to gain access to the network of its publisher, Sky Mavis.

‍

The ongoing disruption caused by the recent ransomware attack on the NHS raises serious – and familiar – concerns. According to reporting by the BBC, disruption to NHS 111 services “targeted the system used to refer patients for care, including ambulances being dispatched, out-of-hours appointment bookings and emergency prescriptions.”

‍

The global telecommunications industry has seen its fair share of serious cybersecurity breaches in recent years. In late September 2022, for example, Optus, a major telecoms provider in Australia, revealed that the personal data of 10 million customers had been stolen by cybercriminals. The loss of data on this scale is, sadly, becoming more routine, but what puts it into perspective is that the Optus incident equates to about 40% of the population of Australia.

‍

The variety and scope of cyberattack strategies continue to make headlines, with recent incidents once again underlining the continuing risks. March was a busy month for high-profile breaches, with millions of customer records stolen and entire businesses put under threat.

‍

By May this year, the US Security and Exchange Commission (SEC) is expected to implement changes to cybersecurity and governance rules for public companies, which some predict will amount to a “tectonic” change in how boards must handle key issues such as incident reporting.

2023 is already proving to be tough for cybersecurity, with multiple major companies and organizations falling victim to data breaches and ransomware attacks. Despite the concerns these events continue to raise, however, it hasn’t all been one-way traffic in favour of the cybercriminals. Here’s what’s been happening.

‍

One of the biggest advantages of implementing Glasswall CDR is that it enables organizations to be proactive in preventing file-based security breaches.

‍