The cybersecurity world is preparing for three major events in the calendar over the coming weeks. The FIFA World Cup, Black Friday and Cyber Monday, all events that typically result in increased activity by cyber criminals as they seek to exploit shoppers and football fans.
This week’s observations from our Incident Response Team
This Sunday sees the start of the FIFA World Cup in Qatar and in the run up to the first kick off there has been a predictable rise in the number of phishing attacks aimed at scamming football fans. Many are in the form of emails offering prizes or too good to be true offers. Football fans also need to be cautious of websites claiming to be associated with the tournament as threat actors will often use fake domains to dupe visitors into clicking on malicious links or downloading malware.
The Black Friday and Cyber Monday sales are also being exploited by hackers as they are every year. With more people expected to shop online in order to snap up a bargain than ever before they present criminals with the perfect opportunity.
Our advice is to always double check that an email is from a legitimate source and be aware that if something seems too good to be true then it’s likely a scam.
Suffolk Police in hot water after publishing the names of sexual assault victims
An investigation has been launched after Suffolk police accidentally published the names and addresses of victims of sexual assault on its website.
The Information published on the police service’s website contained victims' names, addresses, dates of birth and details of the alleged sexual offences committed. Hundreds of people were affected.
Suffolk Police say the data was accessible to the general public for a short period of time before being quickly removed after the service was made aware of the breach. How such sensitive data was ‘accidentally’ uploaded to a public facing website will raise questions over how the data is being stored and why it was possible to be exposed in such a way.
Russian Hacker Group claims responsibility for FBI website hack
The Russian Hacker Group Killnet announced that it was behind the hacking of the FBI website at the start of the week.
In a Telegram post the group said that it had infiltrated the website because it ‘doing justice and guarding Russian cyberspace, Glory to Russia and Killnet’. The attack on the FBI website is thought to have a DDoS attack similar to the attacks the group launched earlier this year when DDoS attacks made the websites for several US airports unavailable.
88% of Irish executives stated that their organisation had experienced an increase in cyber attacks since 2020
A new report released by PwC showed that 88% of Irish executives believe that their organisation have experienced an increased number of cyber attacks over the last two years.
The PwC 2023 Digital Trust Insights Survey also stated that 75% of Irish organisations are planning to increase their cybersecurity budgets for 2023 despite the global economic downturn.
The report also highlighted the cybersecurity risks that executives felt they had failed to fully mitigate such as from remote and hybrid working, cloud adoption, IoT and the digitisation of the supply chain.
If you are worried about any of the threats outlined in this bulletin or need help in determining what steps you should take to protect yourself from the most material threats facing your organisation, please contact your account manager.
Get in touch to find out how you can protect your organisation.
