Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label UK Government. Show all posts
User Privacy
Cyber Security Legislative Amendment Ransomware attack UK Government User Privacy

UK Government Proposes Mandatory Reporting of Ransomware Attacks

 

The British government's proposals to amend its ransomware strategy marked a minor milestone on Tuesday, when the Home Office issued its formal answer to a survey on modifying the law, but questions remain regarding the effectiveness of the measures. 

The legislative process in the United Kingdom regularly involves public consultations. In order to address the ransomware issue, the Home Office outlined three main policy recommendations and asked for public input in order to support forthcoming legislation. 

The three main policy ideas are prohibiting payments from public sector or critical national infrastructure organisations; requiring victims to notify the government prior to making any extortion payments; and requiring all victims to report attacks to law enforcement.

Following a string of high-profile ransomware incidents that affected the nation, including several that left the shelves of several high-street grocery stores empty and one that contributed to the death of a hospital patient in London, the official response was published on Tuesday, cataloguing feedback for and against the measures.

Despite being labelled as part of the government's much-talked-about Plan for Change, the plans are identical to those made while the Conservative Party was in control prior to Rishi Sunak's snap election, which delayed the consultation's introduction. Even that plan in 2024 was late to the game. 

In 2022, ransomware attacks dominated the British government's crisis management COBR meetings. However, successive home secretaries prioritised responding to small boat crossings of migrants in the English Channel. Ransomware attacks on British organisations had increased year after year for the past five years. 

“The proposals are a sign that the government is taking ransomware more seriously, which after five years of punishing attacks on UK businesses and critical national infrastructure is very welcome,” stated Jamie MacColl, a senior research fellow at think tank RUSI. But MacColl said there remained numerous questions regarding how effective the response might be. 

Earlier this year, the government announced what the Cyber Security and Resilience Bill (CSRB) will include when it is brought to Parliament. The CSRB, which only applies to regulated critical infrastructure firms, is likely to overlap with the ransomware regulations by enhancing cyber incident reporting requirements, but it is unclear how.
Read more »
UK Government
Cyber Security Public Sector Ransomware UK Government

Understanding the UK’s New Rule on Ransomware Payments in the Public Sector


The UK government has introduced a new policy that stops public sector organizations from making payments to cybercriminals during ransomware attacks. This decision was made to reduce the number of attacks by taking away the money motivation behind them.

The government believes that if attackers know they won’t get paid, they may stop targeting essential services like public hospitals, schools, or councils. However, this move has sparked a lot of discussion among cybersecurity experts and business leaders.


Why This Rule Could Be Difficult to Enforce

While the aim is to protect public services, some people believe organizations might still find ways to make payments secretly. For instance, if a company operates both in the UK and another country, it might use its foreign office to make the payment. Others might try to hide the payment by calling it a regular business expense.

These loopholes could weaken the purpose of the ban. It might even create an unfair situation where some organizations quietly pay and recover faster, while others follow the rules and face longer disruptions.


The Pressure on Business Leaders

Leaders responsible for cybersecurity face a difficult situation. While no one wants to support criminal activity, refusing to pay can lead to bigger problems. For example, a ransomware attack could shut down critical services or expose personal information.

In some extreme cases, businesses might feel that paying the ransom is the only way to continue operations or protect sensitive data. This rule could put extra pressure on leaders who are already struggling to make the right decision during a crisis.


Less Reporting, More Risks

Another concern is that if payments are banned, organizations might stop reporting ransomware incidents altogether. They may choose to hide the true nature of the attack to avoid breaking the law or getting into trouble.

This lack of transparency can be dangerous. If fewer cases are reported, cybersecurity experts won’t have enough data to understand new threats or how attacks are evolving. That means it will be harder to prepare for future attacks, leaving more organizations at risk.


Is There a Better Way Forward?

Many experts believe that instead of a complete ban, the government could allow exceptions in very serious situations. Organizations could be required to report the attack immediately and get approval from authorities before making any payments.

This would give the government better visibility into ransomware activity while still giving organizations the flexibility to act when needed. At the same time, public sector workers should receive better training so they know how to handle cyber threats early and prevent serious damage.

In short, while the new rule is a step toward fighting cybercrime, it’s important to create a balanced plan that supports both security and practicality. 

Read more »
UK Government
Data Breach Data Privacy Electoral Commission ICO IT Service Software UK Government

Hackers Exploit Security Flaws to Access Millions of UK Voters' Details

 


The UK's data privacy watchdog has found that the personal details of millions of UK voters were left exposed to hackers due to poor security practices at the Electoral Commission. The breach occurred because passwords were not changed regularly and software updates were not applied.

The cyber-attack began in August 2021 when hackers gained access to the Electoral Registers, containing details of millions of voters, including those not publicly available. The Information Commissioner's Office (ICO) has formally reprimanded the Electoral Commission for this security lapse. The Electoral Commission expressed regret over the insufficient protections and stated that they have since improved their security systems and processes.

No Evidence of Data Misuse

Although the investigation did not find any evidence of personal data misuse or direct harm caused by the attack, the ICO revealed that hackers had access to the Electoral Commission's systems for over a year. The breach was discovered only after an employee reported spam emails being sent from the commission's email server, and the hackers were eventually removed in 2022.

Accusations and Denials

The UK government has accused China of being behind the attack on the Electoral Commission. However, the Chinese embassy has dismissed these claims as "malicious slander."

Basic Security Failures

The ICO’s investigation surfaced that the Electoral Commission failed to implement adequate security measures to protect the personal information it held. Hackers exploited known security weaknesses in the commission's software, which had not been updated despite patches being available for months. Additionally, the commission did not have a policy to ensure employees used secure passwords, with 178 active email accounts still using default or easily guessable passwords set by the IT service desk.

Preventable Breach

ICO deputy commissioner Stephen Bonner emphasised that the data breach could likely have been prevented if the Electoral Commission had taken basic security steps. By not promptly installing the latest security updates, the commission's systems were left vulnerable to hackers.

This incident serves as a striking reminder of the importance of regular software updates and strong password policies to protect sensitive data from cyber-attacks.


Read more »
UK Government
Action Fraud Cyber Crime Email Fraud Email Phishing Life Insurance UK Government

Rise in Fake Life Insurance Emails, Action Fraud Warns

 


Over the past few weeks, a surge in fraudulent emails impersonating reputable life insurance companies has prompted over 800 reports to Action Fraud, the UK’s national reporting centre for fraud and cybercrime. The scam emails are cleverly crafted to appear genuine, but they contain malicious links leading recipients to harmful websites designed to steal personal and financial information.

To help the public follow through this growing threat, Action Fraud has provided guidance on handling suspicious messages. Recipients are advised to independently verify the authenticity of an email by contacting the alleged sending organisation directly, using official contact details obtained from the organisation’s official website. This precaution is crucial, as scam emails often provide fake contact information that leads directly back to the fraudsters.

Action Fraud emphasises that legitimate banks and official sources will never request personal information via email, a tactic frequently employed by scammers to harvest sensitive data. To further combat these fraudulent activities, the public is encouraged to forward any suspicious emails to the Suspicious Email Reporting Service (SERS) at report@phishing.gov.uk. This service plays a pivotal role in the UK’s defence against the growing threat of email-based fraud, providing the government with a means to track and respond to these malicious activities.

In response to the increasing number of these incidents, it is essential for individuals to remain a step ahead and take proactive measures to protect themselves from falling victim to such scams. Understanding that fraudulent emails pose a significant threat, the public is urged to exercise caution and follow the provided guidance to verify the legitimacy of any communication from financial institutions or life insurance companies.

This warning comes as scammers continue to adapt and refine their tactics to exploit unsuspecting individuals. Action Fraud stresses the importance of public awareness and education to counter these evolving threats effectively. By disseminating this information through official channels, such as news blogs and other media outlets, the hope is to empower individuals with the knowledge needed to recognise and avoid falling prey to such scams.

As a responsible member of the online community, everyone has a role to play in staying informed and helping others stay safe from cyber threats. By adhering to the guidance provided by Action Fraud and reporting suspicious emails promptly, individuals can contribute to the collective effort to combat fraudulent activities and protect personal information from falling into the wrong hands.

Action Fraud's guidance provides a valuable resource for individuals to navigate these potential threats effectively, and the public is encouraged to remain vigilant and report any suspicious emails to contribute to the ongoing efforts against email-based fraud.



Read more »
UK Government
Apple criticism Cyber Security global privacy tools Investigatory Powers Act legislative amendments privacy-focused tech public safety Tech Firm UK Government

Apple Raises Concerns Over UK's Ability to 'Secretly Veto' Global Privacy Tools

 

Apple has strongly criticized the UK government's move to require pre-approval of new security features introduced by technology companies. Proposed amendments to the Investigatory Powers Act (IPA) 2016 suggest that if the UK Home Office rejects an update, it cannot be released in any other country without public notification. The government justifies these changes as necessary to balance technological innovation and private communications with public safety.

The Home Office expressed support for privacy-focused technology but emphasized the need to prioritize national security. A government spokesperson stated that decisions regarding lawful access to protect the country from threats must be made by democratic authorities and approved by Parliament. The proposed amendments are set to be debated in the House of Lords.

Apple condemned the proposed changes, labeling them as an "unprecedented overreach" by the UK government. The tech giant expressed deep concerns about the potential risks to user privacy and security. Apple argued that if enacted, the amendments could allow the UK to globally veto new user protections, hindering the company from offering enhanced security measures to customers.

The existing Investigatory Powers Act, criticized as a "snoopers charter," has faced opposition from Apple in the past. In July 2023, Apple threatened to withdraw services like FaceTime and iMessage from the UK to maintain future security standards. However, the proposed amendments extend beyond specific services to encompass all Apple products.

Civil liberties groups, including Big Brother Watch, Liberty, Open Rights Group, and Privacy International, jointly opposed the bill in January. They expressed concerns that the changes could compel technology companies to inform the government of any plans to enhance security or privacy measures, effectively turning private companies into tools of surveillance and undermining device and internet security.

These proposed amendments follow a review of existing legislation and encompass updates related to data collection by intelligence agencies and the use of internet connection records. The contentious debate over balancing privacy, security, and technological innovation is set to unfold in the House of Lords.
Read more »
UK Government
IT Projects June Review MOVEit NHS Technology UK AI Leadership UK Government

June 2023 Review: MOVEit Exploit, UK Government’s AI Leadership Goals, NHS’ Controversial IT Project


June 2023 might have been the most thriving month for Cl0P ransomware group. Since March, the Russia-based hackers started exploiting a SQL injection vulnerability in the MOVEit file transfer service, frequently used by large organizations. However, it was not until June that Cl0p’s wreckage became apparent to organizations as cybersecurity firm Rapid7 revealed that some 2,500 incidents of data exposure had occurred online.

The incidents kept getting worse, with more and more organizations revealing that they were attacked by Cl0p. On June 5, a cyberattack on Zellis, a payroll business, affected British Airways (BA), the BBC, and Boots. The hack, which at the time was directly connected to the use of the MOVEit vulnerability, revealed the personal information of thousands of workers (two days later, BA and BBC received the standard ransomware demand from Cl0p.) As of June 15th, First National Bank, Putnam Investments, and 1st Source were among the financial services providers affected, in addition to the oil giant Shell. Though more would surface as the year went on, ransom demands seemed to crescendo at the end of the month, with Cl0p identifying and shaming Siemens Energy and Schneider Electric as the most recent victims of what now appeared to be one of the worst cyberattacks in history.

Also, June was a memorable month for the UK government’s AI goals. On June 8, the government announced their first AI summit, where it provided opportunity to world leaders to discuss regulations for a technology that many believed possessed a potential to either improve or destroy the global economy. 

As a conclusion, risk reduction in regards to AI emerged on top of the agenda. The UK government stated that risks related with “frontier systems, and discuss how they can be mitigated through internationally coordinated action,” were included in the summit’s discussions.

Furthermore, later that month, the government vouched its commitment towards shaping AI safety research by announcing around £50m in additional funding. On June 19, campaign groups Foxglove and the Doctor’s Association UK (DAUK) urged NHS to reevaluate its bid for the Federated Data Platform (FDP), a large IT project intended to connect the disparate data repositories of British health care into a single, cohesive entity.

While rationality in data analysis was a fair aspiration, according to Foxglove and DAUK, they noted that the government’s strategy for winning over the public to the data collecting that the project required was noticeably negligent. That mattered a lot more, they continued, since Palantir, a US tech startup started by an entrepreneur who had a dim view over the NHS, was the prospective winner of the FDP contract (the prediction that later turned out to be true).

Foxglove further notes that from the analysis they ran over the matter, it turned out that a huge chunk of the public would be against the project centred around the operations of healthcare services to be managed by a private organization. Therefore, making it unlikely for the FDP to be able to provide useful insight into the population's health, among other insights, claimed by its supporters.  

Read more »
UK Government
AI regulation AI technology AI tools Artificial Intelligence Cyber Security ethical AI NATO UK Government

Navigating Ethical Challenges in AI-Powered Wargames

The intersection of wargames and artificial intelligence (AI) has become a key subject in the constantly changing field of combat and technology. Experts are advocating for ethical monitoring to reduce potential hazards as nations use AI to improve military capabilities.

The NATO Wargaming Handbook, released in September 2023, stands as a testament to the growing importance of understanding the implications of AI in military simulations. The handbook delves into the intricacies of utilizing AI technologies in wargames, emphasizing the need for responsible and ethical practices. It acknowledges that while AI can significantly enhance decision-making processes, it also poses unique challenges that demand careful consideration.

The integration of AI in wargames is not without its pitfalls. The prospect of autonomous decision-making by AI systems raises ethical dilemmas and concerns about unintended consequences. The AI Safety Summit, as highlighted in the UK government's publication, underscores the necessity of proactive measures to address potential risks associated with AI in military applications. The summit serves as a platform for stakeholders to discuss strategies and guidelines to ensure the responsible use of AI in wargaming scenarios.

The ethical dimensions of AI in wargames are further explored in a comprehensive report by the Centre for Ethical Technology and Artificial Intelligence (CETAI). The report emphasizes the importance of aligning AI applications with human values, emphasizing transparency, accountability, and adherence to international laws and norms. As technology advances, maintaining ethical standards becomes paramount to prevent unintended consequences that may arise from the integration of AI into military simulations.

One of the critical takeaways from the discussions surrounding AI in wargames is the need for international collaboration. The Bulletin of the Atomic Scientists, in a thought-provoking article, emphasizes the urgency of establishing global ethical standards for AI in military contexts. The article highlights that without a shared framework, the risks associated with AI in wargaming could escalate, potentially leading to unforeseen geopolitical consequences.

The area where AI and wargames collide is complicated and requires cautious exploration. Ethical control becomes crucial when countries use AI to improve their military prowess. The significance of responsible procedures in leveraging AI in military simulations is emphasized by the findings from the CETAI report, the AI Safety Summit, and the NATO Wargaming Handbook. Experts have called for international cooperation to ensure that the use of AI in wargames is consistent with moral standards and the interests of international security.


Read more »
Windows 7
2FA Authentication Bank Data Leak Cyber Security IT Network Malicious actor Microsoft Protocols Supply Chain Platform UK Government Vulnerability and Exploits. Windows 7

UK Military Data Breach via Outdated Windows 7 System

A Windows 7 machine belonging to a high-security fencing company was the stunning weak link in a shocking cybersecurity incident that exposed vital military data. This hack not only underlines the need for organizations, including those that don't seem to be in the military industry, to maintain strong digital defenses, but it also raises questions about the health of cybersecurity policies.

The attack was started by the LockBit ransomware organization, which targeted Zaun, the high-security fencing manufacturer, according to reports from TechSpot and CPO Magazine. The attackers took advantage of a flaw in the Windows 7 operating system, which Microsoft no longer officially supports and as a result, is not up to date with security patches. This emphasizes the dangers of employing old software, especially in crucial industries.

The compromised fencing company was entrusted with safeguarding the perimeters of sensitive military installations in the UK. Consequently, the breach allowed the attackers to access vital data, potentially compromising national security. This incident underscores the importance of rigorous cybersecurity measures within the defense supply chain, where vulnerabilities can have far-reaching consequences.

The breach also serves as a reminder that cybercriminals often target the weakest links in an organization's cybersecurity chain. In this case, it was a legacy system running an outdated operating system. To mitigate such risks, organizations, especially those handling sensitive data, must regularly update their systems and invest in robust cybersecurity infrastructure.

As investigations continue, the fencing company and other organizations in similar positions need to assess their cybersecurity postures. Regular security audits, employee training, and the implementation of the latest security technologies are critical steps in preventing such breaches.

Moreover, the incident reinforces the need for collaboration and information sharing between the public and private sectors. The government and military should work closely with contractors and suppliers to ensure that their cybersecurity practices meet the highest standards, as the security of one entity can impact many others in the supply chain.

The breach of military data through a high-security fencing firm's Windows 7 computer serves as a stark reminder of the ever-present and evolving cybersecurity threats. It highlights the critical importance of keeping software up to date, securing supply chains, and fostering collaboration between various stakeholders. 

Read more »
Subscribe to: Posts (Atom)