In 2021, the UK Government was Plagued by Hundreds of Spam Emails


The UK government was reportedly bombarded with billions of phishing emails last year, with large numbers of questionable and fraudulent links being clicked on by staff. Comparitech recently published a report on these fraudulent emails, based on responses to freedom of information requests from 260 government agencies.

According to Comparitech, 764,331 government employees got a total of 2.7 billion fraudulent emails, averaging 2,399 per employee. However, this figure most likely reflects emails that were flagged as malicious and blocked by the relevant government agency.

In 2021, personnel opened 0.32 percent of malicious emails on average, with 0.67 percent of these events resulting in employees clicking on potentially dangerous links, according to the research. Comparitech says this might suggest that UK government employees clicked on 57,736 questionable links last year. The firm reiterated that any unclear FOI responses were ignored to avoid overestimating this amount.

357 million fraudulent emails were received by NHS Digital's 3,996 employees, amounting to 89,353 emails per employee. Other essential infrastructure services, such as railway supplier Network Rail Limited, received 223 million malicious emails, or 5,033 emails per employee, while tax authority HM Revenue & Customs received 27.9 million spam emails, or 415 emails per employee.

In other cases, the researchers' attempts to better grasp the government's ransomware threat were hampered by respondents' lack of transparency. "One government department reported in 2021 it had identified 97 data thefts over just 30 days. Seventy-one government agencies were also glad to announce why they had not been hit by ransomware in 2021; the remaining 187 didn't say whether or not they had. In 2021, only two government agencies disclosed they had been the victims of a successful ransomware attack," said Paul Bischoff of Comparitech.

Wi-Fi Routers with Default Passwords are Vulnerable to Attacks


Cybersecurity researchers have advised users to change the manufacturer’s default access credentials on their home Wi-Fi routers to minimize the risk of being compromised.

One in 16 home Wi-Fi routers still uses the manufacturer’s default administrator passwords, a recent survey conducted by tech website Comparitech revealed. This vulnerability could allow threat actors to carry out all kinds of cyberattacks, including router hijacking and victim eavesdropping. 

“These routers, which number in the tens of thousands, can be remotely found and attacked using publicly available passwords, granting malicious hackers access to the victim’s home network,” reads the study. Researchers at Comparitech examined the 12 most popular home Wi-Fi router models sold on Amazon.

To test these devices, the researchers used an automated script to scan the web for these routers and log in to the router’s management dashboard using the manufacturer’s default password. Of the total of 9,927 routers tested, 635 were found to be susceptible to default password attacks. 

The findings of the team’s investigation seemed to indicate that some of the routers could have been more persistent in prompting users to change the manufacturer’s default password upon first setting up the device. 

The AsusRT and MikroTik routers could not be accessed at all despite hundreds of tests, indicating they require users to change their default passwords before an internet connection is allowed through. Meanwhile, other routers didn’t fare as well. 

“On the other end of the spectrum, roughly one in six ZTE ZXV10, XFinity, and NetGear Ethernet Plus Switch routers were found to be vulnerable to default password attacks unless the default admin password is changed,” said Comparitech.

A router with default access credentials can give a threat actor a foothold on your home network and even on the devices connected to it. Once a cybercriminal has a foot in the door, they can use that access to monitor the behavior of devices connected to the router, the websites being visited, and unencrypted data sent over the network.

In addition, an attacker could use the router as a proxy to download pirated content, visit illicit sites, or access illegal material. You could be suspected of or held liable for these activities. To mitigate the risk, users are advised to change the router’s default admin password when first setting up the device.