Cyber-Attacks â the fallout
Posted on: 8 December 2015
By: wolfeg
No Comments »
Filed under: Uncategorized
This month our Information Security Officer, Graeme Wolfe, takes a look at some very high profile cyber-attacks on companies and institutions that took place recently.
Benjamin Franklyn is credited with saying âThere are only two things certain in life, death and taxesâ. In our digital age, we could add cyber-attacks to that list of inevitability. It seems that every week the media coverage includes a CEO of a large organisation being interviewed over a breach of their security and the loss of customer records, reputation and potentially, the whole business.
At the time this blog was written the V-Tech hack was exposed, where 6.4 million customer records were stolen. Youâll probably have heard about the most recent Talk Talk cyber-attack, where the personal data of 150,000+ customers was stolen over three attacks in 2015. You may also have heard about the denial of service attacks on RBS and the National Crime Agency – both web sites were out of action for hours. You may not have heard about the attacks that occurred across the pond at UCLA (University of California, Los Angeles) â where up to 4 million records were stolen, Â or T-Mobile US, where up to 15 million records were stolen.
The University itself has also seen various attacks targeted at both staff and students. Staff have been targeted with emails containing attachments marked âinvoicesâ or spreadsheets purportedly coming from âscanner@westminsterâ our new multi-function device printer machines. Students received a phishing email regarding âUniversity grant informationâ three times over a period of six-eight weeks.
We have to accept that unless we withdraw completely from the digital age (and become an âoff grid spoon whittlerâ to quote one broadband provider) we will be subjected to these sorts of scams and need to keep our wits about us. Whether that be a suspicious looking attachment from a company you arenât expecting to hear from, or a link to a website offering you something exciting or tempting, these sorts of attacks will not just go away. In fact, security professionals are seeing an increase in the accuracy, complexity and deviousness underlying these attacks.
We also need to be aware of the fallout from the companies that get hacked. Once our details have been stolen they will be sold on, often many times over. Those that acquire the details will use many further tricks to try and con us to get a return on their âinvestmentâ. So not only do we have to look out for electronic scams on a day-to-day basis, but when large companies have data stolen, it gives the scammers other opportunities to target us with their tricks including over the telephone and even hard copy mail, depending on what data the hackers can obtain.
Maybe being an off grid spoon whittler doesnât seem quite so bad now?
Graeme Wolfe
Information and IT Security Officer
07/12/2015