•  

    Combined Industries Theft Solutions

May 2022

POTENTIAL CYBER SECURITY RISK TO AGRICULTURE

A report by the University of Cambridge highlights that internet-connected technology that is increasingly used in the agricultural industry could be vulnerable to exploitation, if not sufficiently protected.

Continue Reading
April 2022

FAKE WHATSAPP VOICE MESSAGE EMAILS ARE SPREADING MALWARE

CITS have been alerted to a recent WhatsApp scam, involving a  phishing campaign, impersonating WhatsApp’s voice message feature which has been spreading information-stealing malware.

Continue Reading
March 2022

CONSUMERS WARNED ABOUT CHATBOT SCAM

CITS have been alerted to the following cyber threat - Cyber criminals are sending phishing emails inviting people to trace deliveries, only for them to fall victim to a chatbot scam.

Continue Reading
March 2022

CYBER SECURITY LATEST UPDATES

Microsoft Security Update - Microsoft has recently released their latest security update.

Government announces Online Safety Bill - The government has announced the Online Safety Bill, which when implemented into legislation, will make it harder for fraudsters to scam victims through online fake adverts.

Continue Reading
February 2022

CYBER SECURITY RISK - UNEXPECTED PACKAGE THROUGH THE POST

Information received from a CITS Member has made us aware that some individuals in the water industry have recently received an unexpected package through the post like the one above. These parcels contain a fraudulent thank you letter, an Amazon gift card and a USB device.

Continue Reading
February 2022

RANSOMWARE ATTACKS SOAR IN 2021

SonicWall researchers have revealed a growing trend of ransomeware attacks on their customers, which rose by 105% to 623.3 million attempted recorded incidents in 2021.

Continue Reading
February 2022

PERSISTENT ‘PHISHING’ MALWARE THREATENS INDUSTRIES

A particular malware threat known as ‘TA2541’ continues as a persistent threat to many industries. Email security company Proofpoint, has carried out research which has shown that attacks from the group often begin with unsophisticated phishing emails to staff members.

Continue Reading
February 2022

JOINT US, UK AND AUSTRALIAN ADVISORY ON INCREASED GLOBALISED THREAT OF RANSOMWARE

Cyber security authorities in the United States, Australia, and the United Kingdom saw an increase in sophisticated, high-impact ransomware incidents against critical infrastructure organisations globally throughout 2021.

Continue Reading
February 2022

CYBER SECURITY SURVEY REVEALS RISKS IN REMOTE WORKING

IT software provider Dilligent has revealed the results of their recent survey in which 450 senior finance and risk professionals at UK listed companies responded. The results indicated that UK businesses had lost £374 million in 2021 due to cyber breaches largely linked to staff working from home. 

Continue Reading

!!! Cyber Advice !!!

UK organisations encouraged to take action in response to the current situation in and around Ukraine

CITS have been alerted to the latest National Cyber Security Centre announcement, urging all UK organisations to bolster their cyber security resilience, in response to the malicious cyber incidents in and around Ukraine.  It comes after the National Cyber Security Centre (NCSC), which is part of GCHQ, updated its guidance, to UK companies and organisations last week.

The NCSC is investigating the recent reports of malicious cyber incidents in Ukraine. Incidents of this nature are similar to a pattern of Russian behaviour seen before in previous situations, including the destructive NotPetya attack in 2017 and cyber-attacks against Georgia. The UK Government has attributed responsibility for both these attacks to the Russian Government.   

While the NCSC is not aware of any current specific threats to UK organisations in relation to events in and around Ukraine, the guidance encourages organisations to follow actionable steps that reduce the risk of falling victim to an attack, including:

  • Patching systems; 
  • Improving access controls and enabling multi-factor authentication; 
  • Implementing an effective incident response plan; 
  • Checking that backups and restore mechanisms are working; 
  • Ensuring that online defences are working as expected, and; 
  • Keeping up to date with the latest threat and mitigation information. 

 Paul Chichester, NCSC Director of Operations, said:

"The NCSC is committed to raising awareness of evolving cyber threats and presenting actionable steps to mitigate them. While we are unaware of any specific cyber threats to UK organisations in relation to events in Ukraine, we are monitoring the situation closely and it is vital that organisations follow the guidance to ensure they are resilient. 

Over several years, we have observed a pattern of malicious Russian behaviour in cyberspace. Last week’s incidents in Ukraine bear the hallmarks of similar Russian activity we have observed before."

The guidance, which is primarily aimed at larger organisations, also advises organisations which fall victim to a cyber-attack to report the incident to the NCSC’s 24/7 Incident Management team.

Guidance Link - Actions to take when the cyber threat is heightened - NCSC.GOV.UK

 

QR Code Scam Warning

The National Cyber Security Centre has issued an alert warning of the malicious use of QR codes - READ ANNOUNCEMENT

According to the public service announcement, cyber criminals have been tampering with QR codes to redirect users from legitimate websites to fraudulent ones, where their data and money is at risk of being stolen.

Businesses worldwide have turned increasingly towards using QR codes to continue offering their services, but this mechanism can be exploited and even used to embed malware onto a user’s device.

Anyone who thinks that they have been a victim of cybercrime should report details to their bank and Action Fraud (for England, Wales and Northern Ireland) or Police Scotland (for Scotland).

The NCSC have published top tips for staying secure online, which can help you remain safe even if have you have followed a QR code or link to a malicious destination.

 

White Rabbit Ransomware Threat

A hard to detect form of ransomware, White Rabbit, has been reported on by researchers and linked back to a crime group known for targeting finance.

White Rabbit was utilised in December 2021 in an attack against a US bank and researchers at Trend Micro believe the tactics have been seen before with the cybercriminal group, FIN8.

The technique is discreet because its payload binary requires a specific command-line password before triggering the ransomware and encryption routine. This means it remains discreet until triggered. The file is also very small (100kb) and appears to show no activity making it harder to spot.

Ransomware is a growing threat within cyber security. Criminals can use the attack to lock down files and systems before demanding payment for access, but there’s never a guarantee that paying the ransom will work

CITS urges all Business to stay alert, make regular on-line Backups, keep up to date with prevention advice, and be prepared if you do fall victim!