• An Overview of the UK Cybersecurity Landscape in 2023: What You Need to Know

    Cybersecurity is a major concern for everyone, but especially for businesses operating in the UK. With threats from ransomware, data breaches, and malicious actors, it is important to stay up to date on the latest developments and best practices. In this blog post, we provide an overview of the UK cybersecurity landscape, so you can be better informed and prepared for the future.

    The UK's Cybersecurity Regulations

    The UK has recently implemented the Network and Information Systems Regulations (NIS Regulations), which are designed to protect critical infrastructure from cyberattack. The regulations provide an important layer of security for the UK, as online attacks become increasingly common and sophisticated. They apply to all businesses and organisations in the UK that provide essential services, such as energy, transport, healthcare, banking and finance. The regulations stipulate a set of technical and organisational measures to ensure robust cybersecurity across the country's critical infrastructure. This includes regular tests to check for vulnerabilities and new systems to detect cyberattacks quickly, allowing organisations to respond swiftly and limit any potential damage. The NIS Regulations are an important step in safeguarding the UK from cyber threats.

    The regulations require organisations to implement robust cybersecurity measures to protect their systems from unauthorised access and malicious actors. In the UK, organisations must comply with the National Cyber Security Centre's Cyber Essentials certification program. This certification requires organisations to comply with a set of security controls and provide assurance that they meet the basic requirements of cybersecurity. Furthermore, organisations must actively monitor their systems and networks regularly to identify any potential threats and take appropriate steps to mitigate them. By taking these measures, UK organisations can ensure that they are adequately protected against malicious actors and any unauthorised attempts at accessing their systems.

    Organisations must also report any security incidents to the government in order to ensure that other organisations are aware of potential threats Similarly, organisations must be diligent in their efforts to keep up with the ever-changing landscape of cybersecurity threats by reporting any security incidents that may occur to the government. This awareness is key in helping other organisations know what to look out for and how to protect their own systems from cyber attacks. By utilising this proactive approach, organisations can stay one step ahead of potential threats and guard against any malicious attempts to compromise their data.

    Current Trends and Challenges in UK Cybersecurity

    The UK has seen a steady increase in cyber attacks over the past few years, particularly targeting government and financial systems. This has caused significant disruption and cost to UK businesses and organisations, and has led to the implementation of stricter cybersecurity measures. The UK government has outlined plans to invest in both public and private sector measures to improve the nation's cybersecurity posture, aiming to protect citisens, businesses, and critical infrastructure from cyber threats. To achieve this, the UK is collaborating with industry stakeholders, universities and research institutes to develop new technologies for cybersecurity protection. With continued focus on cyber security, the UK aims to strengthen its defences against malicious actors and ensure a safer digital future.

    As new technologies become available, organisations are increasingly vulnerable to attack due to the lack of proper security measures in place. Cybersecurity has become a critical issue for businesses of all sises, and it is very important for organisations to develop and implement effective security policies and protocols to protect themselves from cyber threats. Companies must invest in resources and technology to create secure networks and regularly update their systems against the latest threats. Additionally, organisations should ensure that their staff are knowledgeable about cyber threats so they can quickly identify any suspicious activity. Taking these security measures is paramount to protecting organisational data from malicious attacks.

    Additionally, the UK is lacking in resources and expertise to effectively combat these threats, making it difficult for businesses and individuals to stay safe online Similarly, the UK is lagging behind in joomla resources and expertise to combat the ever increasing threats of cyber security. This lack of competence has left businesses and individuals in a vulnerable state with regards to safety online.

    Final Say

    In conclusion, the UK cybersecurity landscape is constantly changing and evolving. It is essential that businesses stay up to date with the latest developments in order to protect their data and remain secure. Keeping a close eye on the market, understanding the threats and best practices for prevention, and having a plan of action in place can help ensure that your business remains secure. Having a web partner who understands this and can manage your web presence is an essential business activity.

    Contact Wintercorn for a no-obligation assessment of your cybersecurity situation for your Joomla or WordPress website.

  • 'The Heritage Company' hack shows value of working, offsite backups

    It wasn’t a case of “Merry Christmas” for the employees of an Arkansas-based telemarketing firm after they were told to find new jobs just before Christmas 2019.

    Sherwood-based The Heritage Company was hit a ransomware attack in October 2019, and – according to a letter sent to staff by the CEO – efforts to repair the damage had been unsuccessful for several weeks.   It would be easy to say that it wasn’t ransomware which brought about the apparent demise of The Heritage Company, but instead a lack of secure backups and a resilient disaster recovery plan.

    A ransomware attack should never be enough to kill off your company. Sites, servers and other systems should be backed up regularly, offline and restored to check integrity.  How often determines how long you can manage with any technology and how much you are willing to spend on backup systems. 

  • 49% of workers reuse their password with only a simple change

    We often advise clients to change passwords regularly (say every 6 months) and use one which means something to them but can't easily be guessed by an attacker who doesn't know them personally.

    Many computers users make the mistake of trusting the same password to protect their different online accounts, not realising that if one site gets hacked that may provide the key for hackers to break in elsewhere. Malicious attackers don’t have to do this by hand, they can use credential stuffing techniques to automatically throw databases of stolen usernames and passwords at a site to see which combination will grant them access.

    So it’s important to ensure that all your passwords are unique, as well as being impossible to guess and hard to crack.

  • Casino high-roller database hacked through fish tank thermometer

    A casino's high-roller database was allegedly accessed via a security flaw in a fish tank.  Unrelated fish pictured.

    A cybersecurity executive has revealed that hackers used an Internet of Things (IoT) connected fish tank thermostat to gain access to a casino's high-roller database. Darktrace CEO Nicole Eagan told the story to an audience in London last week.  “The attackers used that to get a foothold in the network,” she explained. “They then found the high-roller database and then pulled that back across the network, out the thermostat, and up to the cloud.” The incident raises awareness about the security of IoT objects.

    It has also been reported that hackers have been able to access the camera on robot vacuum cleaners and used it to tour the interior of a home. The former head of the British government’s digital spying agency, Robert Hannigan, says the sheer scale of IoT connected devices is part of the problem.

    “With the internet of things producing thousands of new devices shoved onto the internet over the next few years, that’s going to be an increasing problem,” Hannigan said. “I saw a bank that had been hacked through its CCTV cameras because these devices are bought purely on cost.”

  • Dridex malware, also known as Bugat and Cridex, spread via fake .doc attachments

    nca logoThe UK’s National Crime Agency (NCA) has issued a warning to UK online banking consumers to guard against the possibility of having been infected by the Dridex malware, also known as Cridex and Bugat, stating that there could be ‘thousands of infected computers’ in the UK. The NCA are joining with the FBI in the United States to ‘sinkhole’ the botnet which is responsible for the spread of the malware. The report indicates that Windows users are the primary targets of the attacks.
     
    The Dridex malware is a new strain of the Cridex breed, and infects users via macro actions which launch when opening infected documents which are often sent as spam emails about invoices, parcel delivery notes and fake banking alerts.
  • Fake Executive Profiles on LinkedIn For Phishing Scams

    Someone has recently created a large number of fake LinkedIn profiles for Chief Information Security Officer (CISO) roles at some of the world’s largest corporations. It’s not clear who’s behind this network of fake CISOs or what their intentions may be. But the fabricated LinkedIn identities are confusing search engine results for CISO roles at major companies, and they are being indexed as gospel by various downstream data-scraping sources.

  • How Hackers Can Break Into Your Online Accounts Without Passwords

    hackerIn the wee hours of Wednesday morning, a host of prominent Twitter accounts were compromised and, as a result, began spouting swastika-laden propaganda in support of Turkey's president Recep Erdoğan ahead of a referendum next month which could consolidate his power. So now's a good time to check your own accounts and make sure you close the backdoor that let this happen to other people.

  • Internet of Things still deeply flawed

    The Internet of Things (IoT) security problem isn't going away. The connected network of billions of devices – from smart doorbells to office printers – is regularly found to have privacy problems and be open to attack by potential hackers.

    The latest security issue is that Google's artificial intelligence Home speaker and the Chromecast, the firm's streaming device, have been found to reveal a user's precise physical location. It's been found that some commands the Home and Chromecast devices receive are transmitted across unsecured HTTP connections and without any form of authentication.

  • Is Open Source Software Security Better?

    Back in 1999, Eric Raymond coined the term "Linus' Law," which stipulates that given enough eyeballs, all bugs are shallow.  Linus' Law, named in honor of Linux creator Linus Torvalds, has for nearly two decades been used by some as a doctrine to explain why open source software should have better security.

    In recent years, open source projects and code have experienced multiple security issues, but does that mean Linus' Law isn't valid?  The key question isn't about software development models, but rather about having an architectural design that makes software more resilient. A good article on a subject we often get asked about.

  • Lenovo caught installing adware on new pc's which breaks HTTPS

    SuperfishThe adware, named Superfish, is reportedly installed on a number of Lenovo’s consumer laptops out of the box. The software injects third-party ads on Google searches and websites without the user’s permission.
     
    Some users are reporting that the adware actually installs its own self-signed certificate authority which effectively allows the software to snoop on secure connections, like banking websites and email.
     
    This is a bad thing because it allows the software to decrypt communications between secure sites and their users.
  • NSA Suspected Of Hacking Your Hard Drives

    NSAThe NSA (the National Security Agency from the colonies, not the Norfolk Shopowners Association apparently) seems to have been meddling around with malware placed directly into users hard drives. 
     
    The report found exploits for hard drives made by many of the largest brands in the industry, including Samsung, Western Digital, Seagate, Maxtor, Toshiba and Hitachi.
  • Recent huge DDoS attack from botnet leveraged easy passwords like '12345' and 'password'

    ddosRecently security consultant Brian Krebs' website was hit with a giant Distributed Denial of Service attack designed to take his website offline and disrupt his work.
     
    The botnet was made up of nearly 400,000 benign devices such as CCTV camers, video recorders and routers which were all internet connected as part of the 'Internet of Things' (IoT) and used weak passwords such as 12345, admin and password to bombard the site with 665 Gigabits of traffic per second beating the previous record of 363 Gbps.
     
    This is entirely the fault of the device manufacturers who don't enforce stronger passwords or hard-code the default passwords in to the device making it unable to be changed.
  • Smoking Can Be Bad For Your Computer Also

    Smoking Can Be Bad For Your Computer AlsoSecurity researchers have demonstrated how e-cigarettes can easily be modified into tools to hack computers.  With only minor modifications, the vape pen can be used by attackers to compromise the computers they are connected to - even if it seems just like they are charging.  

    Giving a presentation at BSides London, Ross Bevington showed how an e-cigarette could be used to attack a computer by fooling the computer to believe it was a keyboard or by tampering with its network traffic.

  • Toyota halts operations at all Japan plants due to cyberattack

    Toyota Motor on Tuesday halted operations at all of its plants in Japan after a major supplier was hit by a cyberattack, disrupting the automaker's parts supply management system.  The company is suspending 28 lines at 14 plants. Subsidiaries Hino Motors and Daihatsu Motor will also halt operations at some plants in Japan on Tuesday.

    The cyberattack hit Kojima Industries, which supplies plastic parts to Toyota. Kojima announced on Tuesday morning that it has received a message demanding ransom and that it has confirmed the existence of a virus.

  • What is the cost of a cyber attack on WordPress or Joomla?

    Anonymous
    According to a recent survey, the average cost estimate for cleaning up a cyberattack comes in at around £850,000.
     
    But this is actually a conservative estimate: For those organisations that actually calculate (versus estimate) the real cost of an attack, that number increases significantly to £1.3 million.
     
    How is this calculated and what does it entail? According to the survey:
     

    “Quantifiable monetary losses can be directly tied to the aftermath of cyberattacks in lost revenue, unexpected budget expenditures and drops in stock values,” according to the report. “Protracted repercussions are most likely to emerge as a result of negative customer experiences, damage to brand reputation and loss of customers.”

     
    This doesn't even include the actual costs of repairing the damage and updating existing systems to prevent future incidents.
     
    At Wintercorn we've seen companies large and small suffer an attack because they simply didn't know they were being attacked and didn't know what to do until it was too late. They had no IDS (Intrusion Detection Systems) operating, they had no named person responsible for their website and they didn't bother with updates because "we're not very good with computers".
     
    Some even hosted their corporate websites on $5 per month shared servers with thousands of other sites. This is actually one of the most common routes to an attack and one of the most dangerous to your website, data and brand. 
     
  • Why Would I Need A Password Manager?

    Passwords are a necessity of the online world. They are one of the most important means of securing your digital life, preventing hackers and anyone else from accessing your bank account, email, social media accounts, and everything else you do online.

    That’s why it’s vital to use strong passwords that no one else can guess. It’s also important not to reuse passwords across multiple websites and services because if an adversary obtains your login details from one site (for example, from a data breach), they’ll be able to use those details to access all your other services that share the same login details. 

    Wintercorn recommend the use of a password manager. It allows you to have incredibly strong, complex passwords without writing them down on a post-it note or using your browser password storage. You only need remember one strong password - the one used to login to the manager. Obviously you'd also use 2 factor authentication as well. We hope it's obvious?

  • Yahoo hacked : 500 million user accounts breached

    yahoosBut only in 2014. Maybe they got notified by telegram?
     
    Yahoo says "state-sponsored" hackers stole information from about 500 million users in what appears to be the largest publicly disclosed cyber-breach in history. The breach included swathes of personal information, including names and emails, as well as “unencrypted security questions and answers”. The hack took place in 2014 but has only now been made public.
     
    The data taken includes names, email addresses, telephone numbers, dates of birth and encrypted passwords, but not credit card data, Yahoo said.

About Us

Wintercorn are Joomla! and WordPress specialists based in Norwich but with clients across the U.K., Europe, Middle East, Australia and the United States.

We build, manage and support mission-critical Joomla! and WordPress sites for professional organisations around the globe who care about their brand.

It's all we do, every day. 

Joomla!WordPress

Contact Us