Cyber Security Podcast
It seems like we hear about new cyberattacks almost every day. The targets used to be just big companies and government agencies. Now they are focused on you. Listen to our podcast to find out more.
WhatsApp scam asks victims for money to supposedly help a loved one
Cyber criminals are targeting parents by masquerading as their children on WhatsApp.
A new cybercriminal trick has been reported, in which an attacker sends a simple message such as ‘Hi Mum’ with a reason for using a different phone number, followed by a string of messages explaining a supposedly difficult situation which requires financial assistance.
The objective is to trick the victim into sending money to the criminal behind the attack. BBC sports commentator Jacqui Oatley’s mother was nearly a victim and Jacqui shared the experience on Twitter to raise awareness:
This type of scam reaffirms the need to verify who you’re communicating with, even if they’re claiming to be a loved one. If something doesn’t feel right, authenticate who you’re talking with. This might be asking a question that only your loved one would know, or calling to confirm it’s really them (a scammer may claim the phone speaker is broken to avoid a conversation).
Urgency is one of the warning signs and the NCSC has advice on how to spot a scam, including tell-tale signs and details of how to report them on the National Cyber Security Centre website.
Google removes malware-infected apps from Play Store
Google has been busy removing apps infected with malware from its Play Store. It has been reported over the past month that malware such as Joker, Facestealer and Autolycos were found in around 60 apps downloaded by more than 3.3 million users.
Zscaler has produced analysis on how some of these strains of malware work. Malware can include viruses, trojans, worms or any code or content that can damage computer systems, networks, or devices.
The NCSC always advises using official stores when downloading apps to any device. As is the case in this story, it’s always possible that infected apps find their way to an official storefront, but you are much safer than downloading from an unofficial source. Crucially you should also keep your devices and apps secure with the latest updates.
Cyber-Attacks on Major European & Global Seaports
There are a number of examples of cyber-attacks that have left the UK in complete disorder such as the WannaCry outbreak in May 2017. This global attack highlighted security vulnerabilities in Microsoft Windows 7 operating system that was used across the NHS. This attack resulted in the cancellation of appointments, operations, and the relocation of emergency patients. Around 80 of the 236 NHS trusts were affected along with 603 primary care and other NHS organizations, including 595 GP practices and surgeries. Not only did this cause serious disruption as staff had to use a pen, paper, and personal mobiles, but it cost the NHS over £90m.
More recently, there have been a rising number of cyber-attacks on major European and global seaports. The Port of Los Angeles has seen its number of cyber-attacks double since the pandemic. As one of the world’s busiest ports, they currently see around 40 million monthly attacks.
Currently part of an overall network of FBI cyber watch programs, they are taking every precaution against potential cyber-attacks.
Cyber security measures must be put into place and regular testing must be conducted to ensure organizations are safe against evolving cyber-attacks. No matter the size of the business, how reliant they are on technology, or what industry they reside in, cyber-attacks are real and serious for everyone. The risk is only growing, so the time is now to protect, and defense is the best form of attack.
Sheppard Robson asked to pay ransom after cyber-attack
Sheppard Robson’s office in a former piano factory in Camden, north London. Sheppard Robson has said it was asked to pay a ransom following a cyber-attack on the practice’s systems last week The UK’s fifth largest practice, which has 374 UK staff across offices in Manchester, Glasgow and London, said it was forced to disconnect its systems from the internet after noticing ‘unusual activity’ on its network on Sunday 24 July.
In a statement published yesterday (4 August), the practice said it had ‘now recovered access to our servers’, adding that its team had ‘done a fantastic job to keep projects running, with a clear plan in place to get back to business as normal.’ Sheppard Robson did not comment on whether it believes information has been stolen but confirmed that hackers had attempted to extort a ransom fee from the company.
The practice did not pay the fee and instead notified the police. The incident comes barely two years after Zaha Hadid Architects was also held to ransom after hackers remotely accessed a computer at its London office and stole confidential information from its servers, as well as encrypting information in an attempt to block the company’s access.
Backing up your data and regularly patching will help ensure protection. Speak to one of our team to see how we can help
*DISCLAIMER AND WAIVER OF LIABILITY
The content contained in this newsletter is written and/or produced by our cyber-security partner Exponential-e. Magnet Networks Limited t/a Magnet Plus has not verified the accuracy of the content of this newsletter or the information contained herein and does not accept any liability whatsoever or howsoever arising from the said content (whether directly or indirectly), or for any errors or omissions contained in this newsletter, or any reliance placed thereon by third parties.
Read more of our Cyber Security blogs.