This week we learned how one ransomware group is responsible for the vast majority of ransomware attacks this year and a new report from the NCSC highlighted the true scale of cybercrime in the UK.

CTA-MDR-1

This week’s observations from our Incident Response Team

‘We have observed a few Typo squatting or URL hijacking attempts on domains, this is the most common method used be fraudsters to scam individual users by directing them to fake sites for delivery companies or for resetting passwords to online subscription services. But for businesses this can relate to attempts to monitor and redirect and internal users emails to facilitate Business Email Compromise (BEC) scams.

As we turn our sights to the end of the year you can be assured that cybercriminals are stepping up their preparations to take advantage of the annual Black Friday and Cyber Monday sales and Christmas shopping periods. Phishing emails and SMS messages are likely to increase in volume especially those claiming to be from Royal Mail, DHL and other delivery services. ‘

CTA-Incident-Response

NCSC reveals it issued 34 million alerts over the last 12 months

The National Cyber Security Centre (NCSC) released its 2022 Annual Review this week and highlighted just how big a problem cybercrime is in the UK.

According to the report, the NCSC issued 34 million threat alerts to businesses over the past year. It also revealed that it had witnessed a 20% YoY increase in the number of suspicious emails being reported and that it had removed 62,000 scam URLs. With the holiday season rapily approaching we can expect the number of phishing emails to increase sharply as cyber criminals seek to take advantage of bargain hunters later this month.

The NCSC also said that it was involved in 18 major ransomware incidents that required a national response throughout the year with the most publicised being the attack on NHS 111 in August.

"The threat from ransomware was ever present - and remains a major challenge to businesses and public services in the UK," the NCSC said in the review.

Europe’s Largest Copper Producer Hit by Cyber Attack

Europe’s largest copper producer Aurubis revealed that it suffered a cyber attack last Friday which forced it to take many of its systems offline. The way the company responded are similar to those taken when organisations detect ransomware on their networks.

According to a statement released by Germany based Aurubis the attack was part of a wider cyberattack launched against the mining and metals sector. Production was little impacted due to the quick reactions of the company’s security team but the attack highlights a growing trend of attacks against the mining industry.

LockBit ransomware group accounted for 44% of all ransomware campaigns in 2022

According to Deep Instinct’s 2022 Interim Cyber Threat Report the LockBit Ransomware as a Service (RaaS) group was responsible for 44% of all ransomware campaigns in 2022. The group was so prolific that the second placed Conti group was shown to have been behind 23% of campaigns.

Read our blog on the The Reality of Ransomware: What You Need to Know in 2023

CTA-Penetration-Testing-1

If you are worried about any of the threats outlined in this bulletin or need help in determining what steps you should take to protect yourself from the most material threats facing your organisation, please contact your account manager.

Get in touch to find out how you can protect your organisation.

 

Contact Us