Cyber Bytes banner RPC law

Cyber_Bytes - Issue 32

10 May 2021. Published by Richard Breavington, Partner and Daniel Guilfoyle, Partner and Ian Dinning, Senior Associate and Rachel Ford, Senior Associate and Christopher Ashton, Senior Associate and Bethan Griffiths, Senior Associate and Ridvan Canbilen, Associate

Welcome to Cyber_Bytes, our bi-weekly round up of key developments in cyber, tech and evolving risks.

NCSC launches new Early Warning Service

The National Cyber Security Centre is offering a free service which alerts organisations to potential cyber-attacks affecting their networks, named the Early Warning Service. It is said to provide timely and specialized notifications about possible incidents and security issues.

To read more, please click here.

Pipeline operators pay ~$5 Million ransom

The operators of the US' largest fuel pipeline has paid nearly $5 million in cryptocurrency to hackers, following a cyber security incident. It remains unclear whether the payment was funded by the company’s cyber-insurer.

Click here to read more.

Ransomware groups email customers to increase pressure

In a move designed to pressurise more victims into paying a ransom demand, there is a developing trend in ransomware groups of emailing the victim’s customers directly, warning that their data will be leaked to the dark web unless they can convince the victim to pay up.

Click here and here to read more.

Government provided £3.68m in ‘exceptional financial support’ to Council for cyber-attack recovery

Redcar and Cleveland Borough Council has received a grant of £3.68 million from the Government as a contribution towards the c.£10.4m it paid out last year as a result of a ransomware attack. The grant has apparently been offered as recognition of the unique circumstances of the incident and is distinct from the usual rescue packages that government sometimes offers local authorities.

Click here to read more.

NCSC issues free cyber security training for schools

The National Cyber Security Centre has released free cyber security training for school staff, setting out real-life incident case studies and four practical steps staff can take to protect themselves online.

To read more, please click here.

Claim brought for over £4bn lost cryptocurrency

A claim is being brought against developers of several cryptocurrencies to recover the cryptocurrency. The claimant asserts that he has legitimate ownership over the cryptocurrency, and where that can be shown the developers of it have a duty to ensure recovery. The value of the claim as at today’s market rates will be in excess of £4bn.

Click here to read more

Insurance industries struggling to keep up with surge in cyber attacks

The COVID-19 pandemic has driven greater digitalization and remote working and as a result cyber vulnerability has intensified significantly. According to the Hiscox Cyber Readiness Report 2020, only 26% of the firms have stand-alone cyber insurance policies. The majority of firms rely on generic insurance policies which do not explicitly include or exclude cyber cover, giving rise to 'silent cyber' losses. S&P Global has suggested there needs to be further development of stand-alone cyber insurance products which would offer more efficient and optimized control of accumulation risk.

To read more, please click here.

5 cyber threat trends that will remain prominent in 2021

In their Cyber Threats Retrospective report, PWC highlight that over the last 12 months, the five most prolific cyber threat trends were ransomware, using current affairs as bait, supply chain attacks, social engineering and a rise of the defenders. Additionally, the report explores their wider impact on organisations, business and society.

To read more, please click here.

Npower app to be removed after login data was stolen

It is believed that personal contact details and partial financial information may have been obtained, but those affected were immediately alerted and had their accounts locked. The energy provider, which is owned by E.ON, has reinforced that protecting customers' security and data is their top priority and it was thanks to their robust threat detection and other cyber defences that the attack was identified.

To read more, please click here.

Bridewell Consulting reports on aviation's cyber security vulnerability

88% of UK aviation companies have detected cyber attacks in the last year, despite 78% stating their systems are secure according to research by Bridewell Consulting.

They posit that the aviation industry is facing an increased risk of cyber-attacks due to ageing infrastructure, a complex supply chain and the accessibility of operations systems both from corporate networks and over the internet.

The data shows that 28% of companies have reduced their infrastructure budget since the start of the pandemic and the industry is being urged to review and update its security before it is too late.

To read more, please click here.

The different flavours of cyber resilience

In an article on cyber resilience - the ability to anticipate and withstand cyber-attacks - internationally recognized IT security author, Torsten George, offers his insight into best practices.

The steps needed to effectively implement cyber resilience strategies, will vary from business to business but these strategies are essential to ensure organisations can improve their data protection strategies, as well as survive a cyber-attack. To be effective, it must be applied to all cyber resources, namely networks, data, workloads, devices and people. Cyber resilience can also help prevent cyber incidents which may happen due to human error or outdated software.

To read more, please click here.

Insurance industries struggling to keep up with surge in cyber attacks

The COVID-19 pandemic has driven greater digitalization and remote working and as a result cyber vulnerability has intensified significantly. According to the Hiscox Cyber Readiness Report 2020, only 26% of the firms have stand-alone cyber insurance policies. The majority of firms rely on generic insurance policies which do not explicitly include or exclude cyber cover, giving rise to 'silent cyber' losses. S&P Global has suggested there needs to be further development of stand-alone cyber insurance products which would offer more efficient and optimized control of accumulation risk.

To read more, please click here.

5 cyber threat trends that will remain prominent in 2021

In their Cyber Threats Retrospective report, PWC highlight that over the last 12 months, the five most prolific cyber threat trends were ransomware, using current affairs as bait, supply chain attacks, social engineering and a rise of the defenders. Additionally, the report explores their wider impact on organisations, business and society.

To read more, please click here.

Npower app to be removed after login data was stolen

It is believed that personal contact details and partial financial information may have been obtained, but those affected were immediately alerted and had their accounts locked. The energy provider, which is owned by E.ON, has reinforced that protecting customers' security and data is their top priority and it was thanks to their robust threat detection and other cyber defences that the attack was identified.

To read more, please click here.

Bridewell Consulting reports on aviation's cyber security vulnerability

88% of UK aviation companies have detected cyber attacks in the last year, despite 78% stating their systems are secure according to research by Bridewell Consulting.

They posit that the aviation industry is facing an increased risk of cyber-attacks due to ageing infrastructure, a complex supply chain and the accessibility of operations systems both from corporate networks and over the internet.

The data shows that 28% of companies have reduced their infrastructure budget since the start of the pandemic and the industry is being urged to review and update its security before it is too late.

To read more, please click here.

The different flavours of cyber resilience

In an article on cyber resilience - the ability to anticipate and withstand cyber-attacks - internationally recognized IT security author, Torsten George, offers his insight into best practices.

The steps needed to effectively implement cyber resilience strategies, will vary from business to business but these strategies are essential to ensure organisations can improve their data protection strategies, as well as survive a cyber-attack. To be effective, it must be applied to all cyber resources, namely networks, data, workloads, devices and people. Cyber resilience can also help prevent cyber incidents which may happen due to human error or outdated software.

To read more, please click here.

Insurance industries struggling to keep up with surge in cyber attacks

The COVID-19 pandemic has driven greater digitalization and remote working and as a result cyber vulnerability has intensified significantly. According to the Hiscox Cyber Readiness Report 2020, only 26% of the firms have stand-alone cyber insurance policies. The majority of firms rely on generic insurance policies which do not explicitly include or exclude cyber cover, giving rise to 'silent cyber' losses. S&P Global has suggested there needs to be further development of stand-alone cyber insurance products which would offer more efficient and optimized control of accumulation risk.

To read more, please click here.

5 cyber threat trends that will remain prominent in 2021

In their Cyber Threats Retrospective report, PWC highlight that over the last 12 months, the five most prolific cyber threat trends were ransomware, using current affairs as bait, supply chain attacks, social engineering and a rise of the defenders. Additionally, the report explores their wider impact on organisations, business and society.

To read more, please click here.

Npower app to be removed after login data was stolen

It is believed that personal contact details and partial financial information may have been obtained, but those affected were immediately alerted and had their accounts locked. The energy provider, which is owned by E.ON, has reinforced that protecting customers' security and data is their top priority and it was thanks to their robust threat detection and other cyber defences that the attack was identified.

To read more, please click here.

Bridewell Consulting reports on aviation's cyber security vulnerability

88% of UK aviation companies have detected cyber attacks in the last year, despite 78% stating their systems are secure according to research by Bridewell Consulting.

They posit that the aviation industry is facing an increased risk of cyber-attacks due to ageing infrastructure, a complex supply chain and the accessibility of operations systems both from corporate networks and over the internet.

The data shows that 28% of companies have reduced their infrastructure budget since the start of the pandemic and the industry is being urged to review and update its security before it is too late.

To read more, please click here.

The different flavours of cyber resilience

In an article on cyber resilience - the ability to anticipate and withstand cyber-attacks - internationally recognized IT security author, Torsten George, offers his insight into best practices.

The steps needed to effectively implement cyber resilience strategies, will vary from business to business but these strategies are essential to ensure organisations can improve their data protection strategies, as well as survive a cyber-attack. To be effective, it must be applied to all cyber resources, namely networks, data, workloads, devices and people. Cyber resilience can also help prevent cyber incidents which may happen due to human error or outdated software.

To read more, please click here.

Insurance industries struggling to keep up with surge in cyber attacks

The COVID-19 pandemic has driven greater digitalization and remote working and as a result cyber vulnerability has intensified significantly. According to the Hiscox Cyber Readiness Report 2020, only 26% of the firms have stand-alone cyber insurance policies. The majority of firms rely on generic insurance policies which do not explicitly include or exclude cyber cover, giving rise to 'silent cyber' losses. S&P Global has suggested there needs to be further development of stand-alone cyber insurance products which would offer more efficient and optimized control of accumulation risk.

To read more, please click here.

5 cyber threat trends that will remain prominent in 2021

In their Cyber Threats Retrospective report, PWC highlight that over the last 12 months, the five most prolific cyber threat trends were ransomware, using current affairs as bait, supply chain attacks, social engineering and a rise of the defenders. Additionally, the report explores their wider impact on organisations, business and society.

To read more, please click here.

Npower app to be removed after login data was stolen

It is believed that personal contact details and partial financial information may have been obtained, but those affected were immediately alerted and had their accounts locked. The energy provider, which is owned by E.ON, has reinforced that protecting customers' security and data is their top priority and it was thanks to their robust threat detection and other cyber defences that the attack was identified.

To read more, please click here.

Bridewell Consulting reports on aviation's cyber security vulnerability

88% of UK aviation companies have detected cyber attacks in the last year, despite 78% stating their systems are secure according to research by Bridewell Consulting.

They posit that the aviation industry is facing an increased risk of cyber-attacks due to ageing infrastructure, a complex supply chain and the accessibility of operations systems both from corporate networks and over the internet.

The data shows that 28% of companies have reduced their infrastructure budget since the start of the pandemic and the industry is being urged to review and update its security before it is too late.

To read more, please click here.

The different flavours of cyber resilience

In an article on cyber resilience - the ability to anticipate and withstand cyber-attacks - internationally recognized IT security author, Torsten George, offers his insight into best practices.

The steps needed to effectively implement cyber resilience strategies, will vary from business to business but these strategies are essential to ensure organisations can improve their data protection strategies, as well as survive a cyber-attack. To be effective, it must be applied to all cyber resources, namely networks, data, workloads, devices and people. Cyber resilience can also help prevent cyber incidents which may happen due to human error or outdated software.

To read more, please click here.

Insurance industries struggling to keep up with surge in cyber attacks

The COVID-19 pandemic has driven greater digitalization and remote working and as a result cyber vulnerability has intensified significantly. According to the Hiscox Cyber Readiness Report 2020, only 26% of the firms have stand-alone cyber insurance policies. The majority of firms rely on generic insurance policies which do not explicitly include or exclude cyber cover, giving rise to 'silent cyber' losses. S&P Global has suggested there needs to be further development of stand-alone cyber insurance products which would offer more efficient and optimized control of accumulation risk.

To read more, please click here.

5 cyber threat trends that will remain prominent in 2021

In their Cyber Threats Retrospective report, PWC highlight that over the last 12 months, the five most prolific cyber threat trends were ransomware, using current affairs as bait, supply chain attacks, social engineering and a rise of the defenders. Additionally, the report explores their wider impact on organisations, business and society.

To read more, please click here.

Npower app to be removed after login data was stolen

It is believed that personal contact details and partial financial information may have been obtained, but those affected were immediately alerted and had their accounts locked. The energy provider, which is owned by E.ON, has reinforced that protecting customers' security and data is their top priority and it was thanks to their robust threat detection and other cyber defences that the attack was identified.

To read more, please click here.

Bridewell Consulting reports on aviation's cyber security vulnerability

88% of UK aviation companies have detected cyber attacks in the last year, despite 78% stating their systems are secure according to research by Bridewell Consulting.

They posit that the aviation industry is facing an increased risk of cyber-attacks due to ageing infrastructure, a complex supply chain and the accessibility of operations systems both from corporate networks and over the internet.

The data shows that 28% of companies have reduced their infrastructure budget since the start of the pandemic and the industry is being urged to review and update its security before it is too late.

To read more, please click here.

The different flavours of cyber resilience

In an article on cyber resilience - the ability to anticipate and withstand cyber-attacks - internationally recognized IT security author, Torsten George, offers his insight into best practices.

The steps needed to effectively implement cyber resilience strategies, will vary from business to business but these strategies are essential to ensure organisations can improve their data protection strategies, as well as survive a cyber-attack. To be effective, it must be applied to all cyber resources, namely networks, data, workloads, devices and people. Cyber resilience can also help prevent cyber incidents which may happen due to human error or outdated software.

To read more, please click here.