Cyber Round-up for 26th April
Welcome to the Ironshare Cyber Round-up where we look back at the events of that last week and cover some of the news, posts, views, and highlights from the world of Security.
In this week’s round-up:
- 3 out 5 Firms Reported Cyber-Attacks in 2019
- Hackers Knock The Weather Channel Off-Air
- UK Decision on Huawei 5G Leaked
- Facebook Could Face $5 Billion Dollar Fine
The global insurance specialist Hiscox has released its 2019 Cyber Readiness Report that surveyed 5,400 small, medium and large businesses across seven countries (UK, US, Belgium, France, Germany, Netherlands & Spain) to determine how prepared they are for dealing with cyber-attacks.
As the number and intensity of cyber-attacks continues to rise, 61% of firms confirmed they have reported an attack in the last year, a significant jump up from the 45% in 2018.
In the UK alone reported attacks rose from 40% to 55%.
The report shows that although the Large and Enterprise size companies are still the most likely to be targeted in attacks, the stats highlight that small and medium size firms are quickly catching them up.
Medium size firms of 50-249 employees have seen the biggest jump, rising to 63%, an overall increase of 27% on the previous year, with an average cost of attacks per business sitting at £142k.
While 47% of small firms (1-49 employees), now confirm they have been targeted, with those attacks having an average cost of £11k.
These stats prove that the smaller companies who feel that they won’t be targeted or have nothing of value to cyber criminals, clearly need to adjust their thinking and start taking action.
The introduction of the GDPR in May 2018 has no doubt had a big influence on the rise of reported attacks, especially considering the heavy fines that can follow a breach, if not reported in the mandated 72-hour time frame.
The biggest take away from this report is that although more companies of all sizes have become victims of one or more cyber-attacks, preparation to protect and defend our organisations is still way below where it needs to be.
If you are one of those companies that are yet to establish a cyber security plan, then it’s time to make a start and get cyber ready.
Hackers Knock The Weather Channel Off-Air
On Thursday 18th April The Weather Channel was unable to air its usual programming for approximately 90 minutes, due to reported technical difficulties.
Normal services were resumed at around 07:30 Eastern time in the US, with weatherman Jim Cantore confirming that they had been the victim of a cyber-attack:
“The Weather Channel, sadly, has been the victim of a malicious software attack today.”
These types of hacks on broadcasting organisations are rare, but as the majority now use IP networks to deliver their content, they are vulnerable to the same types of attacks that target other internet connected companies.
Although information on the attack is very limited, there are thoughts among researchers that this could be a result of a ransomware attack.
The Weather Channel reported via their twitter feed that backup mechanisms were used to restore the service and that the FBI have been engaged to investigate the incident.
This week we heard that the UKs National Security Council (NSC) had agreed to allow Huawei to assist with the build of the Britain’s new 5G mobile data network. After months of discussion on the subject, a decision was made, but now serious concerns have been raised after that the agreement to involve Huawei was leaked prematurely by a senior member of NSC.
The NSC is chaired weekly by the PM and consists of senior cabinet members, to discuss National Security concerns. NSC meetings are protected by the Official Secrets Act, due to the nature of the intelligence that is shared by the likes of GCHQ, MI5 and MI6.
The leak of any information from these meetings is of grave concern to government, and its likely to be met with a criminal investigation into its source. This appears to be the first time that a leak of NSC information has been committed, since it was established in 2010.
Using Huawei for the 5G network has been a huge debate globally, due to the risk of spying and espionage from a company that is associated with and possibly controlled by the Chinese Government.
This decision brings doubt into the Five Eyes Intelligence Alliance the UK is a part of with the US, Canada, Australia and New Zealand. Australia have already banned Huawei from their 5G projects and the US is now calling for the exclusion of Huawei from their Five Eyes allies.
Facebook Could Face $5 Billion Dollar Fine
In their 1st quarter earnings report for 2019, Facebook has stated they are setting aside up to $5 Billion to cover the possible fines that may result from the FTC’s investigations into their poor data security and privacy practices.
According to the earnings release Facebook stated:
“We estimate that the range of loss in this matter is $3 billion to $5 billion. The matter remains unresolved, and there can be no assurance as to the timing or the terms of any final outcome.”
In March last year the FTC said it would launch an investigation into their privacy violation dealings with Cambridge Analytica.
Further reports suggest that the SEC, FBI and DoJ are also investigating Facebook, and these fines could stack up quickly if found guilty, with $40,000 per violation.
And that’s it for this week round-up, please don’t forget to tune in for our next instalment.
Why not follow us on social media using the links provided on the right.
Edition #38 – 26th April 2019
Ironshare – Security Simplified